Yannick H.,
Too Long; Didn't Read
In the modern cybersecurity landscape, the focus is shifting from purely network perimeters to identity-based security. However, the network remains indispensable - it becomes the intelligent transport layer that combines identity, context, and Zero Trust.
A few years ago, the answer to the question "How do we protect our company?" was still pretty simple: You put a thick firewall around the network. Everything inside was trustworthy, everything outside was not. Done.
Then came the cloud. And mobile work. And SaaS applications. And suddenly... where exactly was our perimeter?
Today we talk about Zero Trust, about identity-based security, about "never trust, always verify." We authenticate users, not networks. We grant access rights based on identity and context, not IP addresses.
And then the question arises that we hear more and more often at ODCUS: "Do we even still need the network?"
The short answer? Yes. Absolutely.
But... (and this is an important "but") no longer in the way you used to know it.
The Shift from Perimeter Security to Identity Security
Let’s be honest. Traditional network security had its time. If you have a clear boundary between "inside" and "outside," the castle-wall concept works quite well. The problem? That boundary simply no longer exists today.
Your employees work from home, from cafés, from the airport. Your data is in Azure, your applications in Microsoft 365, your backups with a cloud provider. Your partners access your systems via APIs. Where exactly should your "firewall" be placed?
Modern cybersecurity’s answer: everywhere and nowhere at the same time.
This is where identity-based security comes into play. Instead of asking "does this request come from my trusted network?", we now ask:
Who is this user really?
Is the device they are using compliant with our policies?
Does the access fit normal behavior patterns?
What risk score does this transaction have?
Sounds like a complete replacement of the network concept, right? This is where it gets interesting...
Why the Network Still Remains (Just Different)
Identity is fantastic. But identity alone is not enough.
Imagine this: An employee successfully authenticates with all factors. Their identity is verified. Perfect... until their laptop is compromised by a sophisticated attack that strikes at the exact moment they access sensitive data.
Or: An attacker steals legitimate credentials (happens more often than we think) and logs in from a completely new location. The identity checks out... but should we really trust it?
This shows: identity without context is blind.
And that very context often comes from the network:
Where is the connection coming from?
Which path does the traffic take?
Does network behavior show anomalies?
Which other systems are being contacted at the same time?
The modern network becomes an intelligent transport layer that not only moves packets, but continuously evaluates, analyzes, and protects.
The Future: Identity-Aware Networks
At ODCUS, we pursue a clear approach that we call "Business Centric IT." This means: no either-or decisions, but intelligent integration of what truly delivers business value.
In practice, this means for network and identity:
Zero Trust Network Access (ZTNA)
Your network becomes identity-aware. Every connection is evaluated based on user identity, device state, and context—regardless of whether the connection comes from inside or outside.
Micro-segmentation
Instead of one large "trusted" network, you create small, tightly defined zones. Even if an identity is compromised, lateral movement in the network remains heavily restricted.
Network Access Control with Identity Integration
Your network "knows" its users. It understands not only IP addresses, but who is behind them, with which device, and with which permissions.
Software-Defined Perimeter
The network becomes invisible to unauthenticated users. Only after successful identity verification do the required resources become "visible"—a concept that elegantly combines identity and network.
Practically Speaking: Your Next Steps
"Okay, understood. But what does that mean concretely for us?" – A question we hear every day.
Here is the reality: Most companies are somewhere between "classic network" and "full zero-trust architecture." And that is completely fine.
Step 1: Understand your identity architecture Before modernizing your network, you need to know: How strong is your identity management really? Do you consistently use multi-factor authentication? Do you have a central identity platform like Microsoft Entra ID?
Step 2: Make your network visible You can’t protect what you can’t see. Who accesses what and when? What data flows exist? Where are your most critical assets located?
Step 3: Start with Conditional Access Connect identity with network context. Set up rules such as: "Access to financial data only from managed devices and not from high-risk locations."
Step 4: Segment intelligently Not everything at once. Start with your most sensitive areas. Create network segments based on identity and business roles, not just technical departments.
Step 5: Monitor continuously This is where the connection between identity and network comes into play. A modern Security Operations Center (SOC) correlates identity events with network anomalies.
The Elephant in the Room: Costs and Complexity
"That all sounds great, but we don’t have the resources for a complete overhaul."
We understand. Absolutely.
And here’s the good news: You don’t have to do everything at once. In fact, a step-by-step approach is often more successful than a big-bang project.
At ODCUS, we often work with companies that already have licenses such as Microsoft 365 E5, but use only a fraction of the security features. You may already have Conditional Access, Intune, and Defender—but you’re not using them together with your network architecture.
Then the first step doesn’t cost much money at all... but above all strategic thinking and execution.
What We Do Differently at ODCUS
Many IT service providers sell you tools. We sell you impact.
When a customer comes to us and says "We need a new firewall" or "We want to implement Zero Trust," we first ask: Why? What is the business objective?
Do you want to migrate to the cloud faster and more securely?
Do you need compliance with NIS2 or ISO 27001?
Are you trying to strengthen your defenses after a security incident?
Do you want to reduce your IT costs while increasing security?
Depending on the answer, the solution looks completely different.
Sometimes the answer is: "Your network isn’t the problem at all—you have an identity problem."
Sometimes it is: "Your identity solution is strong, but your network is a blind spot."
And often it is: "You have both components, but they don’t talk to each other."
The Honest Answer: Both Matter
Back to the original question: Is the network still needed in times of identity-based security?
Yes. But not as a standalone fortress—rather as an intelligent layer that combines identity, context, and access control.
The modern network is:
Identity-aware
Context-sensitive
Dynamic
Invisible to unauthorized users
Strongly segmented
Continuously monitored
It is no longer the first line of defense, but an integral part of a layered zero-trust architecture.
Your Network Is Not Dead—It Is Being Reinvented Right Now
And that is exactly what makes it so exciting.
We are at a point where the boundaries between network, identity, endpoint security, and application security are blurring. That can be confusing... or a huge opportunity.
At ODCUS, we help companies navigate this complexity—not with generic checklists, but with pragmatic, business-focused strategies that fit your specific situation.
