Network segmentation splits a network into parts, with firewalls or routing policies enforcing the boundaries between them. This creates a micro-perimeter inside the network that acts as a secondary defence, allowing only authorised users to access the protected area.
Under PCI DSS, segmentation is vital for preventing unsanctioned interactions between cardholder data environment (CDE) systems and out-of-scope or connected systems.
Segmentation hampers attackers by barring access to sensitive data after initial penetration and by limiting lateral movement. Regular testing of network segmentation is recommended for security and is essential for PCI DSS compliance.
Segmentation testing, a specialised subset of penetration testing, is a comprehensive manual procedure performed by expert engineers.
The primary purpose of this testing is to evaluate the robustness of network segmentation by trying to gain unauthorised access from less secure segments of the network to those that are more secure.
Magix is an accredited PCI ASV scanning company.
We follow the proven method below to deliver the best results: