ServicesAssessmentsIndustriesSpectraAgentPricingInsightsAboutContactStart Free Assessment
Home Assessments Network Segmentation Assessment
🔀 Assessment

Network Segmentation Assessment

VLAN isolation, firewall rules, DMZ, and lateral movement paths

Start Free Assessment → Talk to Our Team
Free
First 2 assessments
<10 min
To complete
24h
Team review
🔀
What We Assess

8 Areas We Examine

01
VLAN Design
Are production, development, management, and user segments separated by VLAN?
02
Firewall Rule Review
Are firewall rules least-privilege? Any 'allow any any' rules? Rules reviewed recently?
03
DMZ Configuration
Are internet-facing services in a DMZ? Can DMZ servers reach internal systems directly?
04
Management Network
Is server management (IPMI, iDRAC, iLO) on a separate management VLAN?
05
East-West Traffic
Can a compromised internal machine reach finance systems, backups, or domain controllers?
06
OT/IT Separation
For manufacturing: are operational technology networks isolated from corporate IT?
07
Guest and IoT Isolation
Are guest WiFi, printers, cameras, and IoT devices isolated from production systems?
08
Inter-zone Access Logging
Is cross-zone traffic logged and alerted?
Who This Assessment Is For

Organisations with mixed-criticality environments — production servers, developer machines, finance systems, and guest WiFi on the same network is a critical risk.

Common Findings We Uncover
Flat network — any machine can reach any other
Finance systems on same VLAN as developer workstations
IPMI interfaces accessible from office WiFi
Guest WiFi bridged to production network
No east-west firewall rules — lateral movement unrestricted
Compliance Frameworks Mapped
SEBI CSCRF Network SecurityRBI IT Framework Network ControlsCERT-In Network GuidelinesPCI-DSS Network SegmentationIEC 62443 (OT/IT)

Common Questions

We have a firewall — doesn't that mean we're segmented?
A perimeter firewall only protects north-south traffic (internet to LAN). Network segmentation requires internal separation — east-west controls between different zones.
Is this required by SEBI?
Yes. SEBI CSCRF explicitly requires network segmentation for regulated entities.

Ready to Find Your Gaps?

Start the Network Segmentation Assessment now. Free for first 2 assessments. Results in under 10 minutes.

Start Free Assessment →
No agents. No server access required. No credit card.

Other Assessments

📈 SEBI Compliance 🖥️ IT Infrastructure ⚡ Virtualisation 📧 Email Security 🏛️ Active Directory 💾 Backup & DR 🛡️ Ransomware View All 20 →