- Border routers that connect your company to the Internet
- Switches that are used in the DMZ and screened subnets outside the firewall
Network segmentation has been a ``set it and forget it`` effort, which once done is almost immediately out of date. But network segmentation needs to be managed, and policies continuously enforced to maintain the desired network segmentation and this is where we come into picture.
We see customers with hundreds of firewalls, routers, and switches across their network, each on average having hundreds of rules per device. A typical enterprise therefore has to consider tens of thousands of rules when segmenting its network in order to maintain a security and compliance.