Gartner Market Guide: Microsegmentation for Zero Trust and Resilience

Written by

Shivangi Sahu

August 01, 2025

Shivangi Sahu is a Senior Global Content Marketing Specialist at Akamai. With more than a decade of experience in developing and executing global marketing strategies, particularly in the B2B technology sector, she specializes in content strategy, campaign management, and sales enablement. Shivangi is passionate about simplifying complex cybersecurity topics and building effective marketing strategies for security businesses.

Microsegmentation is no longer a nice-to-have; it’s a must-have. The network perimeter is dead. In today's complex IT landscapes, attackers can move inside your defenses with alarming ease to exploit unsegmented pathways, spread ransomware, and exfiltrate data.

This lateral movement isn't just a potential risk; it's a fundamental threat that makes network security microsegmentation non-negotiable. The Gartner Market Guide for Network Security Microsegmentation clarifies why granular control is the foundation for true resilience and a robust Zero Trust architecture.

Microsegmentation is no longer an option; it’s an imperative

The days of simply fortifying the outer shell of your network are long gone. Today, the most damaging breaches often involve lateral movement — in which attackers move undetected from one compromised system to another within your network. 

The 2025 Gartner Market Guide reinforces the idea that limiting the lateral movement of ransomware and other malicious traffic is a primary use case for microsegmentation.

According to Gartner’s report, today’s microsegmentation technology offers more granular connectivity and flow mapping, so organizations can retire obsolete siloed network segmentation approaches that offer incomplete, static network flow views. Your organization likely has some form of segmentation, but is it truly granular? If not, you need to retire your old-school technology — and you’re not alone. 

That's why we're seeing an urgent market shift. Gartner predicts that by 2027, 25% of enterprises that are working toward a Zero Trust architecture will use more than one deployment form of microsegmentation. This is a significant increase from less than 5% in 2025. 

The message is clear: Deep, dynamic microsegmentation is the way forward.

4 must-haves for microsegmentation

The Gartner Market Guide outlines key features and recommendations for organizations that are aiming to implement effective microsegmentation strategies. These insights provide a clear roadmap for protecting your critical assets and achieving your Zero Trust goals. Our key takeaways are:

  • Implement fine-grained zoning for true Zero Trust
  • Gain visibility into north-south and east-west traffic
  • Stop lateral movement in its tracks
  • Achieve flexibility across hybrid environments

Implement fine-grained zoning for true Zero Trust

Microsegmentation enables least-privilege access at the individual workload or application level. That means only authorized communications are allowed, effectively shrinking the "blast radius" of any potential breach and aligning directly with core Zero Trust principles.

Gain visibility into north-south and east-west traffic

You cannot secure what you cannot see. Gartner identifies flow mapping — the ability to gather and visually represent north-south and east-west traffic flows and use them in the policy definition — as a mandatory feature. This real-time visibility is key to spotting vulnerabilities and defining smart, surgical policies.

Stop lateral movement in its tracks

Once attackers are in, it’s all about containment. Microsegmentation isolates workloads to prevent ransomware and advanced persistent threats (APTs) from spreading across your environment, significantly improving ransomware containment time.

Achieve flexibility across hybrid environments

Today’s infrastructure spans on-prem data centers, cloud platforms, containers, and virtual machines (VMs). The Gartner Market Guide stresses the importance of understanding the key features, use cases, and role of microsegmentation in an organization’s environment, as well as the importance of determining which model is the best fit for their needs.

The microsegmentation deployment landscape

The Gartner Market Guide further emphasizes that security and risk management leaders must understand the various deployment models for microsegmentation tools in order to select the most relevant approach for their specific use cases and environments. Choosing the right deployment model matters — the wrong choice could stall your Zero Trust journey.

Gartner identifies four key models, including:

  • Network overlay: This model uses the existing network controls delivered by infrastructure providers to offer identity-based segmentation. These controls include network overlays, which are virtual networks layered over physical infrastructure by means of encapsulation.

  • Host-based: These solutions use a software agent on the endpoint to monitor and analyze traffic flowing in and out of the host. This enables the identification of granular policies and provides application visibility directly at the workload level.

  • Cloud native: Built-in identity-based segmentation capabilities are often provided directly by infrastructure as a service (IaaS) vendors. These controls are tightly coupled with the workload and specific to the vendor's IaaS environment.

  • API-based: These models leverage API integrations with cloud service providers and may also use sensors in the data center to enable application discovery and policy management. They orchestrate and enforce policies by integrating with network security controls and identity providers.

Many vendors in the market are now offering a combination of these models to support complex hybrid deployments, including environments in which agents cannot be deployed. This flexibility is crucial for covering the diverse IT estates of modern enterprises.

Akamai Guardicore Segmentation was built for this moment

Akamai is dedicated to empowering organizations to build strategic, sustainable secure enterprise networks that directly address these critical needs. We are proud that Akamai is recognized by Gartner as a Representative Vendor for Akamai Guardicore Segmentation.

Akamai Guardicore Segmentation is purpose-built to align with the core capabilities that Gartner identifies as mandatory and essential for effective microsegmentation, including:

  • Comprehensive flow mapping and visibility: Akamai Guardicore Segmentation provides real-time visibility into all north-south and east-west traffic across your hybrid enterprise. This detailed insight exposes every communication and dependency, which is crucial for both security posture and compliance audits.

  • Granular policy enforcement: Our solution allows you to enforce precise, identity-based policies at the workload level, restricting communication to only what is absolutely necessary. Akamai Guardicore Segmentation also uses AI/ML to provide policy recommendations and semi-automated deployment, which simplifies and accelerates policy creation. This directly supports the principle of least privilege, a cornerstone of Zero Trust.

  • Effective lateral movement prevention: By dynamically isolating workloads and applications, Akamai Guardicore Segmentation significantly reduces your attack surface and contains threats, preventing them from spreading across your network. This is a critical defense against ransomware and insider threats.

  • Flexible deployment across any environment: As a software-defined network segmentation solution, Akamai Guardicore Segmentation seamlessly deploys across on-premises, cloud, and hybrid environments; VMs; and containers, ensuring consistent security policies regardless of where your assets reside.

Akamai Guardicore Segmentation can strengthen your Zero Trust architecture, help you gain critical visibility, proactively contain threats through advanced network segmentation, and fulfill all your microsegmentation needs.

Akamai can help you secure your network and strategize your future

Our key takeaway from the Gartner report: Microsegmentation is no longer just a technical implementation; it's a strategic imperative for every enterprise that is aiming to build true resilience and adapt to the evolving threat landscape. Microsegmentation delivers operational control, limits financial exposure, and simplifies compliance, all while materially shrinking the blast radius of modern attacks.

Learn more

To dive deeper into Gartner’s insights on this critical market and understand the role of microsegmentation in defining enterprise cybersecurity, risk, and resilience, download the Gartner Market Guide.

Gartner, Market Guide for Network Security Microsegmentation, Adam Hils, Rajpreet Kaur, and 1 more, 6 May 2025

GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.


