Skip to content

How agent-based protection works

Agent-based microsegmentation uses a lightweight agent on workloads to enforce policy locally.

Components

  • Workloads (agents): hosts with an agent enforcing policy
  • PCE (Policy Compute Engine): policy authority and distribution
  • Labels: how we express scope (app/env/role/loc/...)
  • Rulesets & rules: the policy model (allow/deny + services/ports)

Allow / Block decision model

flowchart LR
  A[Workload A] -->|Flow attempt| PCE[PCE Policy Engine]
  PCE -->|Allowed| B[Workload B]
  PCE -->|Blocked| X[Drop / Reject]

What really happens

At runtime, the decision is enforced on the workload:

1) The agent receives a policy snapshot from the PCE
2) When a new connection is attempted, the agent evaluates: - Source labels, destination labels - Direction (ingress/egress) - Service definition (ports/protocols) - Rules order / ruleset scope 3) The agent allows or blocks the flow

Why this is powerful

Enforcement stays effective even if network paths change, because policy is attached to the workload identity (labels), not an IP topology.

Allowed flow example

Use case: App A in PROD calls App B in PROD on TCP/443.

sequenceDiagram
  autonumber
  participant A as Workload A (app=A, env=PROD)
  participant B as Workload B (app=B, env=PROD)
  Note over A,B: Policy allows A -> B on TCP/443
  A->>B: TCP 443 (HTTPS)
  B-->>A: SYN/ACK
  Note over A,B: Connection established

Blocked flow example

Use case: A compromised workload tries to pivot using an admin port (e.g., SSH/22) that is not explicitly allowed.

sequenceDiagram
  autonumber
  participant A as Workload A (compromised)
  participant B as Workload B
  Note over A,B: No rule allowing TCP/22
  A->>B: TCP 22 (SSH)
  Note over A,B: Agent blocks the attempt

Common misconception

Blocking “admin ports” is not enough. The goal is to express required flows and restrict everything else.