Firewalls

Firewalls, within the scope of microsegmentation, refer to the enforcement mechanisms applied directly at the endpoint level to control network traffic based on defined security policies. Rather than relying solely on perimeter-based defenses, microsegmentation leverages host-native firewalls—such as Windows Defender Firewall or iptables on Linux—to apply granular, localized rules that restrict traffic between workloads.

These rules are centrally defined and automatically deployed to the endpoints, ensuring that only explicitly allowed communication paths are permitted. This approach minimizes the attack surface by preventing lateral movement across the network, even within the same subnet or VLAN.

Firewall policies can be dynamically adjusted based on asset roles, tags, or observed service patterns, allowing security teams to implement least-privilege access at scale without manual configuration on each host.
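The role-based compile step described above, as an added example that is not the page's or any product's own code: a central policy expressed in terms of asset roles is expanded into a per-host iptables rule list (default-deny inbound, explicit allows only), so a host whose role tag changes receives different rules on the next compile. The inventory, roles, addresses and ports are constructed for illustration.

```python
"""Compile a central, role-based microsegmentation policy into per-host
iptables rules. Illustrative only: inventory and policy are constructed."""

# Constructed asset inventory: host -> (address, role tag).
INVENTORY = {
    "web-01": ("10.0.1.10", "web"),
    "web-02": ("10.0.1.11", "web"),
    "db-01":  ("10.0.2.20", "db"),
    "adm-01": ("10.0.9.5",  "bastion"),
}

# Constructed central policy: (source role, destination role, proto, port).
POLICY = [
    ("web",     "db",  "tcp", 5432),
    ("bastion", "web", "tcp", 22),
    ("bastion", "db",  "tcp", 22),
]


def compile_host_rules(host, inventory=INVENTORY, policy=POLICY):
    """Return the iptables commands for one host's INPUT chain.

    Allows are derived from the host's current role; anything not granted
    by the policy falls through to the DROP policy set on the last line.
    Apply the result atomically (e.g. via iptables-restore) in practice so
    an in-flight admin session is not cut off mid-update.
    """
    _, role = inventory[host]
    rules = [
        "iptables -A INPUT -i lo -j ACCEPT",
        "iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT",
    ]
    for src_role, dst_role, proto, port in policy:
        if dst_role != role:
            continue
        # Expand the source role to the peers currently tagged with it.
        for peer, (peer_ip, peer_role) in sorted(inventory.items()):
            if peer_role == src_role and peer != host:
                rules.append(f"iptables -A INPUT -s {peer_ip}/32 -p {proto}"
                             f" --dport {port} -j ACCEPT")
    rules.append("iptables -P INPUT DROP")  # default-deny everything else
    return rules


def is_allowed(src, dst, proto, port, inventory=INVENTORY, policy=POLICY):
    """Offline check: would dst's compiled rules accept this flow from src?"""
    src_ip, _ = inventory[src]
    needle = f"-s {src_ip}/32 -p {proto} --dport {port} -j ACCEPT"
    return any(needle in r for r in compile_host_rules(dst, inventory, policy))
```

Re-tagging a host in the inventory (for example moving `web-02` to the `db` role) and recompiling is enough to change which peers may reach it, which is the "dynamic adjustment by role" the text refers to.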