Software-outlined segmentation places network visitors into distinctive classifications and can make imposing security guidelines a lot easier. Preferably, the classifications are based upon endpoint id, not mere IP addresses. Observe the 3rd layer from The underside known as Network, but network security does not apply only to this layer. https://ieeexplore.ieee.org/document/9941250