The platform emphasizes automated deployment and policy creation, with the system learning network connections over time to generate and enforce segmentation rules without manual tagging or configuration. It is positioned as a way to improve operational resilience by limiting the spread of attacks and securing both on-premise and cloud environments.

Key Features & Functions include:

Automated Microsegmentation
The solution automatically segments network assets by learning network connections and generating security policies. This removes the need for manual labeling, grouping, and rule creation.

Dynamic Policy Creation and Enforcement
Policies are created based on observed network behavior over a learning period, producing “deterministic, highly accurate firewall rules.” These policies are then enforced to control inbound and outbound traffic.

Lateral Movement Prevention
Segmentation is designed to block unauthorized movement between systems, limiting the spread of attacks and reducing the potential impact of a breach.

Agentless Deployment
The platform can be deployed without installing agents on individual assets, with asset visibility and segmentation initiated through a centralized server installation.

Network-Layer MFA Enforcement
The solution applies multi-factor authentication at the network level, including “just-in-time MFA” controls for access to assets, ports, and protocols.

Comprehensive Asset Coverage
Segmentation extends across all network assets, including unmanaged devices such as IoT and OT systems, with controls over inbound and outbound communications.

Traffic Visibility and Control
The platform provides visibility into network activity and assets, supporting monitoring and control of both east-west and north-south traffic flows.

Compliance and Audit Support
Segmentation and access controls are positioned to support compliance requirements, including demonstrating segmentation for audits and penetration testing scenarios.