Networking Intermediate

What is Network Segmentation?

The practice of dividing a network into isolated segments to improve security, performance, and management.

Network segmentation limits the blast radius of security breaches by isolating different parts of the network. If an attacker compromises one segment, they cannot easily move to others. This is a fundamental security practice.

Implementation methods include VLANs, subnets, firewalls, and micro-segmentation (per-workload isolation). Common segments separate DMZ (public-facing servers), internal networks, guest WiFi, IoT devices, and database servers. Zero Trust networks take segmentation to the extreme.

Learn More About This Topic

Network Security Basics

Closely related

Linux Networking Fundamentals

Related reading

Network Fundamentals

Related reading

Related Terms

Overlay Network

A virtual network built on top of an existing physical network, enabling features like container networking and VPNs.

NAT (Network Address Translation)

A method of mapping private IP addresses to public IP addresses, allowing multiple devices to share a single public IP.

BGP (Border Gateway Protocol)

The routing protocol that makes the internet work by exchanging routing information between autonomous systems.

A numbered endpoint (0-65535) that identifies specific processes or services on a networked computer for communication.

The fundamental communication protocol suite of the internet that defines how data is packaged, addressed, transmitted, and received.

A modern, lightweight VPN protocol that uses state-of-the-art cryptography and minimal code for fast, secure tunneling.

View All Networking Terms →