Networks often are complex and expansive. It’s easy to think of them as a singular entity, but the array of devices that interconnect, route and segment the network can make monitoring and managing security a challenge. Illumio hopes to address that challenge and help organizations implement security that is simultaneously easier and more comprehensive with changes to its Adaptive Security Platform.
According to Illumio, the Adaptive Security Platform is being extended to enable companies to embrace network segmentation for data centers and cloud applications without sacrificing security.
“One of the biggest challenges in security is battling complexity and that’s amplified by increasing heterogeneity that we see in customer data centers and cloud environments. Legacy infrastructure combined with virtualization and cloud means there is opportunity for coordinated points of policy enforcement,” said Eric Hanselman, chief analyst of 451 Research. “We see segmentation in depth addressing a real requirement for customers who are looking to both strengthen security and simplify operations by centralizing and harmonizing policy and enforcement across different environments.”
“As segmentation becomes the core strategy for data center and cloud security, organizations are now looking at how other elements of their compute environment can be used to enforce these policies,” said PJ Kirner, chief technology officer and founder of Illumio. “Our customers have asked us to efficiently coordinate policy across their data center and cloud environments, simplifying management of the security control plane.”
Illumio shared some of the big features included in this update:
- Illumio can now program and control leading data center and cloud infrastructure—including Cisco Systems, Microsoft Azure, AWS and Arista—to deliver the most comprehensive segmentation solution in the market.
- Customers no longer need firewall chokepoints, SDN deployments or upgrade infrastructure to achieve robust segmentation-based security.
- The expansion of Illumio’s enforcement point programming gives customers a centralized and automated coordination of policy management between:
- Hosts: Workloads (bare-metal, VM, containers)
- Network: Cisco and Arista switches (NEW), F5 LTM & ATM
- Public Cloud: AWS Security Groups, Azure Network Security Groups
- Customers can now write uniform security policies for hosts, the network and public cloud, improving security and reducing operational overhead.
With the extension of Illumio ASP from bare-metal servers, virtual machines and containerized host to include additional security controls for the network and cloud, Illumio states that it reduces the need to manage multiple, disconnected policy models. Illumio claims that it helps eliminate security gaps generated by disparate security policies, reduces the operation overhead created by manual segmentation and stops the need for additional firewall chokepoints or SDN deployments.
“Despite the rapid increase in cybersecurity spending focused on implementing stronger security controls to limit access to sensitive data and applications—organizations of all sizes don’t always end up with more secure environments,” said Jon Oltsik, ESG’s senior principal analyst and founder of the firm’s cybersercurity service. “The ability to drive segmentation in depth throughout the data center and cloud can be a critical next step in securing data center and cloud environments.”