Forrester Consulting recently conducted an analysis of customers using TrustSec software-defined segmentation in production networks and deduced the following:


This matters today as network segmentation in the branch, campus and data center is a critical foundation for any network defense. Effective segmentation helps protect key assets and data while preventing the dangerous lateral movements of hackers and ransomware. But the use of VLAN or firewalls is complicated, human resource intensive and not precise enough to provide the micro segmentation and control you need to separate and protect IoT, BYOD, and guest devices.

TrustSec software-defined segmentation is a micro segmentation technology embedded and available in most Cisco network devices shipping today so your costs to use it are relatively negligible. Since it obeys software-driven policies that are managed in ISE (Identity Services Engine) it’s easy to create precise rules to separate device classifications, such as BYOD, Guest, lighting systems, and video surveillance into separate segments across your branch, campus, and data center networks. Because you can control lateral movements as well as protocols between peers in a micro segment, such as ICMP, you can effectively stop the target discovery and takeover of hackers and malware using your network as an enforcer. TrustSec security inside the network complements next generation firewalls that provide perimeter protection and even improve firewall operations by dramatically simplifying firewall rule management.

“With TrustSec, you have no bandwidth restrictions versus the firewall approach. So we have less investment risk with TrustSec. And from an operational cost point of view, TrustSec is quite inexpensive.”

Head of network services, organization interviewed by Forrester.

Here is a list of ways TrustSec is saving customers:

  • Faster time to market for project roll outs
  • Simplified and automated firewall rule management plus associated operational savings
  • Improved regulatory compliance
  • Consistent and effective network segmentation
  • Simplified security engineering with simplification of security policy
  • Improved agility and ability to scale security policy
  • Increased security posture for the network

Get the full September 2016 commissioned study, The Total Economic Impact™ Of Cisco TrustSec, conducted by Forrester Consulting on behalf of Cisco, here.

For more information on Cisco Trustsec go to: www.cisco.com/go/trustsec.


Andrew Peters

Senior Manager for Product Marketing