Abstract: A method, apparatus and product for sub-networks based cyber security. One method for managing a local network, which is divided into subnets, comprises: monitoring communication traffic of devices in each of the subnets; performing anomaly detection to detect an abnormal communication of a device connected to a subnet; blocking the abnormal communication of the device; and removing the device from the subnet and connecting the device to a quarantine subnet of the local network, whereby reducing connectivity of the device with other devices connected to the local network.

Abstract: A method, apparatus and product for sub-networks based cyber security. One method comprises detecting a device connecting to a local network which is divided into subnets; determining a usage profile of the device; automatically selecting a subnet to connect the device based on the usage profile; and connecting the device to the selected subnet in the local network. Another method comprises monitoring communication traffic of devices in each of the subnets of a local network; performing anomaly detection to detect an abnormal communication of a device connected to a subnet; blocking the abnormal communication of the device; and removing the device from the subnet and connecting the device to a quarantine subnet of the local network, whereby reducing connectivity of the device with other devices connected to the local network.