Traditional network segmentation projects are slow, resource-intensive and frequently never reach completion because narrowing down policies requires extensive manual effort, cross-team coordination and time that most OT organizations simply do not have. The result is that vulnerable, unpatchable systems remain reachable across flat networks long after the segmentation project was supposed to fix that.

Agentless microsegmentation addresses this by automating policy creation from observed traffic patterns, orchestrating host firewalls centrally and enforcing controls at both system and switch level - without IP address changes or production downtime.

This session, led by Markus Kohlmeier of DTS Systeme, will cover:

• How automated microsegmentation limits attack surface for systems that cannot be patched or replaced;
• Why host firewall orchestration and stateful ACLs at switch level eliminate the need for network re-architecture;
• How just-in-time MFA enforcement protects privileged access even when applications do not natively support it.