The Segmentation Blueprint: Designing, Deploying, and Scaling Network Segmentation for Modern Cyber Defense | 誠品線上

The Segmentation Blueprint: Designing, Deploying, and Scaling Network Segmentation for Modern Cyber Defense

內容簡介

內容簡介 The Segmentation Blueprint: Designing, Deploying, and Scaling Network Segmentation for Modern Cyber Defense Modern cyber attacks don't stop at the perimeter--they move laterally. Network segmentation is one of the most effective ways to contain threats, reduce risk, and protect critical systems, but many organizations struggle to move from theory to execution. The Segmentation Blueprint is a practical, business-aligned guide to designing, deploying, and evolving network segmentation in today's complex enterprise environments. Written for security architects, network engineers, CISOs, and technology leaders, this book shows how segmentation has evolved from traditional VLANs to modern micro- and nanosegmentation models that protect applications, workloads, APIs, and data across hybrid and multi-cloud networks. Using a phased, real-world approach, the book helps readers assess segmentation maturity, align segmentation decisions with business objectives, and implement scalable architectures that limit lateral movement and reduce the blast radius of breaches. Drawing on enterprise-proven practices and Cisco-informed insights, it bridges strategy and implementation--without locking readers into a single vendor. You'll learn how to: Align segmentation strategy with business risk, compliance, and resilience goals Design segmentation architectures for modern, application-centric environments Understand and apply traditional segmentation, progressively adding in microsegmentation Measure effectiveness and continuously improve segmentation outcomes Whether you're modernizing an existing network or building security into new architectures, The Segmentation Blueprint provides the clarity, structure, and tools needed to turn segmentation into a durable, scalable cyber defense strategy.

作者介紹

作者介紹 Raghunath Kulkarni is a principal engineer for the Cisco Security Technical Assistance Center (TAC) team. He focuses on cybersecurity operations and strategic collaboration, including threat intelligence, defensive measures, and ensuring that customers derive maximum value from their security investments. He has worked in technology and security at Cisco for over 16 years, ranging from deep technical support to cross-functional leadership roles with engineering and sales teams. His focus is guiding organizations through the adoption of robust defensive frameworks to minimize business risk and enhance operational resilience. Raghunath has extensive experience in advancing cybersecurity education across various sectors, including government, higher education, and enterprise security. Utilizing his CISSP and all five MITRE ATT&CK Defenders (MAD) certifications, Raghunath has architected comprehensive training programs and specialized engineering curricula for multiple universities. Raghunath's technology focuses include cyberthreat intelligence for proactive defense, testing and evaluation for security validation, and implementation of network security architectures to support digital transformation. Raghunath resides in Bengaluru, India, and when he is not consumed with technology, he is an avid reader and movie buff. Kaarthik Sivakumar is a principal engineer in the Cisco Security Business Group, working in the Multi-Cloud team that comprises the Secure Workload and Isovalent products. He focuses primarily on microsegmentation platforms and policies. Kaarthik has been working in the industry for 26 years, ranging from routing protocols, forwarding tables, DWDM optical line system, and Cisco Secure Firewall. Kaarthik has spent many years in product security and trusted network infrastructures, such as using Trusted Platform Module for storing confidential material and validating the trust status of a device, topics on which he has published blogs on the Cisco Blogs platform. He has also published in IEEE journals on the security of microservices architectures and static analysis security testing. As an ACM India Eminent Speaker, he is invited to lectures in ACM chapters around the country on the topic of security and trust. Kaarthik resides in Chennai, India. He contributes some of his free time to open-source projects and tools to improve his personal life, some to his study of the Sanskrit language, and the rest to outdoor activities. Renato Morais has been a cybersecurity solutions engineer at Cisco since 2017, and he has 20 years of experience in the networking and cybersecurity market. He works on projects with customers throughout the Americas, developing security architectures and solutions to protect users, data, and applications. A graduate in computer engineering, he holds various professional certifications, including CCIE, CISSP, and CCSP. Renato has also dedicated part of his career to training students in Cisco Networking Academy and preparing them for the CCNA certification. Furthermore, he has been recognized as a top contributor in the Cisco community for his contributions as a speaker at regional and global events such as Cisco Live and Cisco Connect, as well as for his work as a blog author. Outside work, Renato enjoys home automation, music, books, movies, and sports, and he describes himself as a craft beer hunter. He lives in Campinas, Brazil, with his wife and two sons. Patrick Lloyd is a senior solutions architect for the Cisco Security Professional Services team. He focuses on identity and access management, including segmentation, network access control, identity exchange, and identity integration for "smart" architectures in the continental United States and Canada region. Patrick has worked in technology delivery at Cisco for 16 years, including stints in the Technical Assistance Center (TAC) and working as a routing and switching design engineer, security design engineer, and security solutions architect. His focus is guiding customers through introducing structured approaches to increase visibility and identity exchange to minimize business risk and lateral attack vectors. Previously, Patrick worked in higher education and defense industries in system administration and operational roles. Patrick has extensive experience in integrating identity into various industries, including healthcare, manufacturing, finance, and defense. Utilizing Cisco technologies and the methodologies covered in this book to build a layered security model, Patrick has architected segmentation architectures, including smart building architectures, for more than 100 customers. Patrick's technology focus is on TrustSec for segmentation, analyzing traffic flow with Cisco Secure Network Analytics Stealthwatch for development of segmentation policies, implementing firewall and remote access architectures, and securing critical building systems through policy and segmentation while maintaining availability. Patrick resides in Durham, North Carolina, where he teaches self-defense and is an instrument-rated private pilot when not consumed with technology

商品規格

活動

• 6/3前 圖書滿$1,000折$100
• 6/3前 全站滿$1,500享92折
• 6/3前 全站滿$3,000享9折