Networking Intermediate

What is Network Segmentation?

The practice of dividing a network into isolated segments to improve security, performance, and management.

Network segmentation limits the blast radius of security breaches by isolating different parts of the network. If an attacker compromises one segment, they cannot easily move to others. This is a fundamental security practice.

Implementation methods include VLANs, subnets, firewalls, and micro-segmentation (per-workload isolation). Common segments separate DMZ (public-facing servers), internal networks, guest WiFi, IoT devices, and database servers. Zero Trust networks take segmentation to the extreme.

Learn More About This Topic

Network Security Basics

Closely related

Linux Networking Fundamentals

Related reading

Network Fundamentals

Related reading

Related Terms

A logical division of an IP network into smaller segments to improve performance, security, and management.

A device or software that connects two or more network segments at the data link layer, forwarding traffic based on MAC addresses.

The latest version of the Internet Protocol with 128-bit addresses, designed to replace IPv4 and solve address exhaustion.

The protocol used for transferring web pages and data between browsers and servers, with HTTPS adding encryption.

HTTP Keep-Alive

An HTTP mechanism that reuses a single TCP connection for multiple requests, reducing the overhead of establishing new connections.

A numbered endpoint (0-65535) that identifies specific processes or services on a networked computer for communication.

View All Networking Terms →