Isolated security zones yield stronger network protection.
Limiting interactions among hosts on your network can keep malware from running rampant.
Twice in recent weeks, I've been onsite at a company where a sizable division of the organization has been hit by a fast-roving computer worm. All that prevented the worm from quickly spreading across the enterprise was the company's isolated security zones. These scenarios served only to strengthen my belief that establishing isolated security zones
is among the few strategies that reap a return on the investment of planning, resources, and money.
In one of the instances, a foreign subsidiary of the company I was visiting had been infected with the Conficker worm
. Nearly every computer at the particular location was compromised. Outside the location, however, only eight additional machines were infected.