Network segmentation is a strategy used by organizations to segregate and isolate segments in an enterprise network, in order to create many 'sub-nets', each acting as its own mini network. The aim here is to reduce the attack surface, allowing network administrators to control the flow of traffic between segments of the network. This helps to enhance security methods, as well as localizing technical issues.
As company assets these days may be spread across many environments, such as public and private networks, security personnel need increased visibility in order to manage security breach detection and prevention. Segmentation can help network security personnel prevent unauthorized users from gaining access to valuable data, including financial records, client information, and other confidential and sensitive property.