Illumio’s Adaptive User Segmentation capabilities dynamically integrate Microsoft’s Active Directory entitlements for hundreds of millions of users, dramatically expanding the reach of the Adaptive Security Platform
SUNNYVALE, Calif.—February 17, 2016—Illumio today announced it has extended the capabilities of its industry-leading Adaptive Security Platform (ASP)Ô through integration with Microsoft’s Active Directory groups. The new capability, known as Adaptive User Segmentation, dynamically calculates and provisions connectivity rules based on user identity to prevent unauthorized communications with, and access to, any Illumio-protected applications. Illumio ASP now can govern how hundreds of millions of users connect to applications across data centers, clouds or hybrid-cloud compute environments.
Adaptive User Segmentation is the latest step in Illumio’s core mission to secure data anywhere it resides:
· When Illumio launched in October 2014, it introduced a complete range of adaptive segmentation models to reduce the attack surface, from environmental separation to micro-segmentation. It also introduced “MRI-like” visualizations of data center and cloud environments, as well as policy-driven transport layer encryption.
· During RSA 2015, the company introduced its nano-segmentation capability, which provides process-level segmentation among both physical servers and virtual machines and reduces the surface area of server-to-server communications by over 99 percent. Illumio also extended its policy-driven segmentation model to incorporate F5 Local Traffic Manager and Application Firewall Modules.
· Later in the year, Illumio announced partnerships with Docker and Mesosphere to extend adaptive security capabilities to fast-growing Linux container deployments.
Illumio’s Adaptive User Segmentation extends to all of these environments and delivers the most meaningful reduction in the cyber attack surface area in computing history. The company has fused governance of both workload-to-workload communications and user-to-
workload communications through this technology breakthrough, strengthening the traditional entitlement model in a way never possible before today. According to statcounter.com, Windows 7—the target OS for VDI desktops/laptops connecting to the data center—accounts for just under 50 percent of all desktop operating systems in operation.
Today, users within an organization can see and connect to most, if not all, applications within the data center or cloud environment, regardless of their Active Directory entitlements. Given heightened challenges to deliver trust and security, relying on central systems of record like Active Directory to ensure users only have access to the appropriate assets is no longer sufficient. The breaches that occurred in the past few years in large enterprises and government agencies underscore that entitlements and authentication alone are unable to provide the protection required by high-value applications and data.
Leveraging the Illumio ASP approach of writing and delivering a dynamic policy using a whitelist model, the integration of Illumio ASP and Active Directory allows an organization to ensure that only the correct users can connect to the appropriate workloads and applications in the data center, public cloud, private cloud or hybrid compute environment.
“Illumio’s mission since our founding has been to help our customers regain control over their applications and data,” said Andrew Rubin, co-founder and chief executive officer of Illumio. “With the introduction of Adaptive User Segmentation, Illumio once again is dramatically reducing computing attack surface through dynamic, policy-driven enforcement that allows users to only connect to the data center and cloud compute they are entitled to access.”
“Illumio’s new capabilities will resonate with security professionals assessing their security posture,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Security leaders must deal with both sides of the user/data center equation and are well served to do it together rather than separately.”
Illumio delivers adaptive security for every computing environment, protecting the 80 percent of data center and cloud traffic missed by the perimeter. The company’s Adaptive Security Platform™ visualizes application traffic and delivers continuous, scalable, and dynamic policy and enforcement to every bare-metal server, VM, container, and VDI within data centers and public clouds. Using Illumio, enterprises such as Morgan Stanley, Plantronics, NTT, King Entertainment, NetSuite, and Creative Artists Agency have achieved secure application and cloud migration, environmental segmentation, compliance, and high-value application protection from breaches and threats with no changes to applications or infrastructure. For more information, visit www.illumio.com or follow @Illumio.