Allows the same kind of segmentation we can get in an EC2 instance (security groups, acl and so on) but in end user stations
  * Requires cscaler agent running on the computs
  * cscaler has their own cloud
    * they offer there: authentication, firewall (inspection) and metrics