* [Blog](https://www.paloaltonetworks.com/blog) * [Network Security](https://www.paloaltonetworks.com/blog/network-security/) * [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/) * Turning Device Context in... # Turning Device Context into Action: The Power of Contextual Segmentation [](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fturning-device-context-into-action-the-power-of-contextual-segmentation%2F) [](https://twitter.com/share?text=Turning+Device+Context+into+Action%3A+The+Power+of+Contextual+Segmentation&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fturning-device-context-into-action-the-power-of-contextual-segmentation%2F) [](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww.paloaltonetworks.com%2Fblog%2Fnetwork-security%2Fturning-device-context-into-action-the-power-of-contextual-segmentation%2F&title=Turning+Device+Context+into+Action%3A+The+Power+of+Contextual+Segmentation&summary=&source=) [](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www.paloaltonetworks.com/blog/network-security/turning-device-context-into-action-the-power-of-contextual-segmentation/&ts=markdown) \[\](mailto:?subject=Turning Device Context into Action: The Power of Contextual Segmentation) Link copied By [Karthik Thumula](https://www.paloaltonetworks.com/blog/author/karthik-thumula/?ts=markdown "Posts by Karthik Thumula") Apr 20, 2026 6 minutes [Cloud Security](https://www.paloaltonetworks.com/blog/category/cloud-security/?ts=markdown) [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown) [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown) [Precision AI](https://www.paloaltonetworks.com/blog/category/precision-ai/?ts=markdown) [Product Features](https://www.paloaltonetworks.com/blog/security-operations/category/product-features/?ts=markdown) ## **Introducing Advanced Device-ID for Proactive Device Security and Zero Trust** Traditional network segmentation was designed for a time when networks were static, devices were predictable, and security policies rarely changed. Today's enterprise environments look nothing like that. Attempting to secure modern infrastructure with traditional segmentation is much like asking a CPU to perform the work of a GPU. CPUs are excellent at sequential processing, but they struggle when faced with thousands of simultaneous tasks that require rapid contextual decisions. Just as GPUs revolutionized parallel processing to handle complex workloads, we need contextual intelligence to modern network security. This means moving beyond static, perimeter-based controls toward dynamic, identity- and context-aware segmentation that can adapt in real time. Instead of relying solely on where traffic originates, modern approaches evaluate who is making the request, what they are accessing, and whether the behavior aligns with expected patterns. Traditional segmentation, however, still operates on rigid constructs such as IP addresses, VLANs, and static access rules implicitly assuming that devices remain fixed and trustworthy. This rigidity creates a dangerous gap between how networks are secured and how they are actually used. Modern threats, including ransomware, wiper malware, credential theft, and lateral movement techniques, are specifically designed to exploit this gap. Once attackers gain a foothold through phishing, credential compromise, or supply-chain vulnerabilities, they can move laterally across flat or poorly segmented networks with alarming speed. Because static controls cannot adapt to changes in device posture, ownership, or risk, compromised endpoints often continue to appear legitimate at the network layer, leaving organizations with limited visibility and delayed response when it matters most. In an era of unmanaged IoT devices, ephemeral workloads, remote endpoints, and AI-driven attacks, security must become risk-centric continuously evaluating device identity, behavior, and trust level in real time rather than relying on static network attributes. The March 2026 Stryker incident serves as a clear example of why granular visibility and segmentation is foundational to modern resilience. In an environment where a single event can impact thousands of endpoints simultaneously, identity-centric segmentation allows an organization to localize anomalies immediately. By doing so, enterprises can maintain operational continuity across the rest of the network, ensuring that a localized incident does not compromise global uptime. To combat these evolving threats, Palo Alto Networks is introducing **Advanced Device-ID,** a breakthrough in proactive risk mitigation and automated Zero Trust enforcement. ## **The Evolution: Beyond Basic Discovery** ![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/04/Screenshot-2026-04-16-at-10.41.53-AM-230x129.png) Legacy security frameworks often lack the flexibility to combine the contextual attributes necessary for granular segmentation. Advanced Device-ID solves the "visibility gap" by moving beyond basic identifiers to a high-definition view of every asset. * **Flexibility and Scalability:** We leverage over 3,600 device identity and risk attributes to create tailored policies. * **Contextual Definitions:** Security teams can define "Device-ID objects" by combining identity and risk parameters, such as ownership status, location, and compliance state. * **Centralized Management:** Manage consistent device behaviors across the entire enterprise from a single pane of glass, reducing operational overhead. ## **Lessons from the Field: Proactive vs Reactive** Recent high-profile incidents,such as the Stryker breach, highlight a critical reality: attackers are increasingly adept at exploiting "blind spots" in endpoint visibility and management. These gaps often exist in unmanaged devices, stale security agents, or overlooked authentication anomalies areas where traditional reactive controls fall short. Advanced Device-ID empowers organizations to shift from a reactive posture to a proactive defense model, operationalizing these lessons to prevent similar disruptions before they occur. By applying these insights, Advanced Device-ID enables teams to build automated defenses that maintain operational continuity: 1. **Closing the EDR Gap:** Attackers thrive on unmanaged systems. You can now create a policy that automatically grants only limited access to any managed device lacking an active XDR or EDR agent. 2. **Containing Compromised Credentials:** If a device shows signs of credential abuse or suspicious login activity, Advanced Device-ID can automatically restrict its network access before the infection spreads. 3. **Risk-Adaptive Device Isolation:** Automatically isolate or restrict any device flagged with a high risk score or active threat. ## **Intelligent, ML-Powered Segmentation** Manual rule-writing is too slow for the modern threat landscape. Advanced Device-ID uses machine learning (ML) behavioral insights to provide automated policy recommendations. This "Behavior Baseline" understands what is normal for a specific device type whether it's a corporate laptop or a critical server in the data center and flags deviations instantly. |-------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------| | **Use Case Category** | **Proactive Security with Advanced Device-ID** | | **Compliance Driven** | Automatically quarantine loT/OT/IT devices running End-of-Life (EoL) operating systems. | | **Identity Based** | Enforce Role-Based Access Control (RBAC) by combining user identity with device identity (e.g., only Admin users on Corp-owned PCs can access the Data Center). | | **Risk Centric** | Restrict Network Access and isolate the devices with active threats and exposures. | | **Operational Focused** | Apply restricted access to unregistered devices that lack an official asset tag or inventory record. | ![advanced APP ID](https://www.paloaltonetworks.com/blog/wp-content/uploads/2026/04/Screenshot-2026-04-16-at-10.42.07-AM-230x149.png) ## **20X Efficiency with Automated Policy Acceleration** One of the most effective ways to prevent destructive attacks from spreading is strong network segmentation. In the face of an active attack or rapid lateral movement, speed is your best defense. Advanced Device-ID is designed to reduce policy creation time by 20X through automation. By shifting from a static, IP-based approach to an Adaptive Contextual Policy model, enterprises can proactively mitigate high-priority risks while ensuring the network remains agile and resilient. Modernizing your segmentation today ensures that when high-velocity events occur, your infrastructure is already prepared to contain them. ## **From Visibility to Zero Trust Enforcement** Modern enterprises thrive on agility, which requires a security architecture that evolves as quickly as the business itself. As endpoints transition across networks, clouds, and remote environments, having a real-time, high-definition understanding of every asset, its identity, ownership, and security posture, is essential for maintaining a resilient defense. With Advanced Device-ID, Palo Alto Networks enables enterprises to transform segmentation into an adaptive Zero Trust framework, one that automatically correlates device identity, risk signals, and behavioral intelligence to enforce security policies at scale. Instead of reacting after threats spread, security teams can proactively isolate compromised endpoints, restrict unmanaged devices, and enforce access based on verified device identity and posture. The result is a faster, more resilient defense model that dramatically reduces operational complexity while strengthening protection across IT, IoT, and OT environments ensuring that every connection is evaluated not just by where it is on the network, but by what it is, how it behaves, and how much risk it introduces. Don't wait for a disruption to realize your network is vulnerable. Secure your journey to Zero Trust today. ### **Ready to see what's on your network? [Schedule a Device Security Assessment](https://www.paloaltonetworks.com/network-security/enterprise-device-security#free-trials?ts=markdown)to gain high-definition visibility into your asset landscape and identify opportunities for automated segmentation.** ### **Resources** * [Device Security Solution Brief](https://www.paloaltonetworks.com/resources/techbriefs/device-security-solution-brief?ts=markdown) * [Palo Alto Networks Advanced Device-ID](https://docs.paloaltonetworks.com/network-security/device-id/administration/advanced-device-id-overview) * [Device Security Threat Report](https://www.paloaltonetworks.com/resources/infographics/device-security-threat-2025?ts=markdown) ### **About This Document** The information provided with this paper that concerns technical or professional subject matter is for general awareness only, may be subject to change, and does not constitute legal or professional advice, nor warranty of fitness for a particular purpose or compliance with applicable laws. *** ** * ** *** ## Related Blogs ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Announcing Device Security: Supercharging Proactive Device Protection](https://www.paloaltonetworks.com/blog/network-security/announcing-device-security-supercharging-proactive-device-protection/) ### [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown) [#### You Can't Spell Platformization Without IoT](https://www.paloaltonetworks.com/blog/network-security/you-cant-spell-platformization-without-iot/) ### [Industrial OT Security](https://www.paloaltonetworks.com/blog/network-security/category/industrial-ot-security/?ts=markdown), [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Products and Services](https://www.paloaltonetworks.com/blog/category/products-and-services/?ts=markdown) [#### Safeguard OT Environments with the Power of Precision AI](https://www.paloaltonetworks.com/blog/2024/10/safeguard-ot-environments-power-precision-ai/) ### [Healthcare](https://www.paloaltonetworks.com/blog/category/healthcare/?ts=markdown), [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown) [#### MDS2: A Treasure Trove for Internet of Medical Things (IoMT) Security](https://www.paloaltonetworks.com/blog/network-security/treasure-trove-for-iomt-device-security/) ### [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Retail](https://www.paloaltonetworks.com/blog/category/retail/?ts=markdown) [#### Smart Retail Supply Chains Need Smarter IoT Security](https://www.paloaltonetworks.com/blog/network-security/retail_supply_chain_iot_security/) ### [Announcement](https://www.paloaltonetworks.com/blog/category/announcement/?ts=markdown), [IoT](https://www.paloaltonetworks.com/blog/category/iot/?ts=markdown), [IoT Security](https://www.paloaltonetworks.com/blog/network-security/category/iot-security/?ts=markdown), [Network Access Control](https://www.paloaltonetworks.com/blog/category/network-access-control/?ts=markdown) [#### Unlock the power of IT and security solutions with ZERO IoT blindspots](https://www.paloaltonetworks.com/blog/network-security/zero-iot-blind-spots/) ### Subscribe to Network Security Blogs! Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more. ![spinner](https://www.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up Please enter a valid email. By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder. This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply. {#footer} {#footer} ## Products and Services * [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown) * [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown) * [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown) * [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown) * [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown) * [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown) * [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown) * [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown) * [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown) * [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown) * [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown) * [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown) * [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown) * [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown) * [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown) * [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown) * [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown) * [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown) * [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown) * [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown) * [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown) * [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown) * [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown) * [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown) * [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown) * [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown) * [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown) * [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown) * [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown) * [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown) * [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown) * [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown) * [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown) * [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown) * [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown) * [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown) * [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown) * [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown) * [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown) * [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown) * [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown) * [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown) * [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown) * [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown) ## Company * [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown) * [Careers](https://jobs.paloaltonetworks.com/en/) * [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown) * [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown) * [Customers](https://www.paloaltonetworks.com/customers?ts=markdown) * [Investor Relations](https://investors.paloaltonetworks.com/) * [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown) * [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown) ## Popular Links * [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown) * [Communities](https://www.paloaltonetworks.com/communities?ts=markdown) * [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown) * [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown) * [Event Center](https://events.paloaltonetworks.com/) * [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center) * [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown) * [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown) * [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown) * [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown) * [Tech Docs](https://docs.paloaltonetworks.com/) * [Unit 42](https://unit42.paloaltonetworks.com/) * [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd) ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg) * [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown) * [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown) * [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) * [Documents](https://www.paloaltonetworks.com/legal?ts=markdown) Copyright © 2026 Palo Alto Networks. All Rights Reserved * [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks) * [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown) * [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/) * [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks) * [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks) * EN Select your language