
SD‐Segmentation

FeIix edited this page May 3, 2026 · 1 revision

Software-Defined Segmentation (SD-segmentation) is a modern networking approach that replaces traditional hardware-based methods (like VLANs and complex ACLs) with a software-driven, role-based model.

  • Cisco TrustSec (CTS) is the overarching security architecture that uses SGTs to provide software-defined segmentation.
  • Security Group Tags (SGTs) are 16-bit identifiers, ranging from 1 to 65,535, used in Cisco TrustSec to segment networks based on user or device roles rather than IP addresses.
