VMware vShield provides the security layer basic to integration of partner technology, enabling “better than physical” security services for the VMware virtual data center. Endpoint security is a critical foundation for the virtual data center and remains important in malware protection and hardening both virtual workloads and physical management servers. As enterprises migrate business-critical workloads to the virtual data center, security concerns arise from sharing infrastructure and must be addressed beyond endpoints. Segmentation and isolation are central to the practice for securing sensitive workloads in physical infrastructure. Perimeter segments isolate sensitive workloads - blocking threats, preventing data loss and managing access controls to define and enforce compliance scope. Virtual data center architecture offers advantages for securing mixed trust workloads on shared infrastructure. Administrators can drive higher consolidation ratios and large clusters can be used for a common set of services for availability and performance. Virtual security solutions for DLP, ownership and content control automate the identification of workloads for segmentation and enforce segment boundary - regardless of operational changes to the virtual environment. Together, using VMware vShield and integrated security solutions from Symantec, the enterprise can securely segment workloads in the VMware Cloud Infrastructure. This presentation covers the use cases, and solution approaches for assuring segmentation on this shared infrastructure, enabling mixed trust workloads.