How to Segment SSH and RDP for Zero Trust Success
Security Boulevard, Wednesday, May 28th, 2025
RDP and SSH remain top targets for attackers because they offer direct access to the systems that matter most. As covered in our earlier post, segmenting these high-risk protocols is one of the fastest, most effective ways to reduce lateral movement and tighten remote access controls.
But how do you get started with microsegmentation? And how do you segment SSH and RDP in a way that balances security, usability, and operational efficiency?
The answer lies in a phased, pragmatic approach that prioritizes high-impact wins without overcomplicating deployment.
High-Risk Protocols vs. Complex Workloads
If you are just getting started with microsegmentation, you might be asking, 'Why start with RDP and SSH instead of databases, APIs, or other workloads?' The reality is that while web services and data stores may also require segmentation, they're usually more specialized, used by fewer people, and often tightly integrated into custom application stacks.