Illumio Edge Architecture Overview


Illumio Edge delivers visibility and segmentation
to stop lateral movement between endpoints.



With easy cloud-based deployment and a lightweight agent that follows the user, Illumio Edge makes use of existing host firewalls to enforce security on endpoints.


This all starts with a different approach to segmentation – at an architectural level. Illumio Edge is not tied to your network. This foundation eliminates the limitations and challenges of network-based segmentation.

Illumio Edge Architecture

 
Architecture_Overview_Diagram_30JUNE2020_Background-01_0.png

Core Components

 

Virtual Enforcement Node

Illumio Edge’s Virtual Enforcement Node (VEN) is a lightweight agent that runs on your organization’s end-user laptops. But it’s not your average agent. It uses virtually no CPU, won’t bring down network performance, and has proven its resiliency in the data center.

The VEN is completely invisible to the user but gives you visibility of every flow in and out of their machines. It collects that context and telemetry and sends it to the Policy Compute Engine.

CrowdStrike customers will be able to use the Falcon agent with Illumio Edge as of July 2020. Read more about it here.

Cloud-Delivered Policy Compute Engine

Illumio Edge's Policy Compute Engine (PCE) uses endpoint visibility and telemetry as the basis for building the perfect whitelist policy. Once created, the PCE sends these policies back to the endpoint VEN that programs the Windows-based firewall with the right policy. The policy only allows specific, whitelisted inbound connections, dramatically reducing the risk of malware and ransomware spreading from machine to machine.

As a cloud offering, the PCE is hosted and managed by Illumio, with its intelligence and policy orchestration occurring in the cloud. This means there’s no management or operational expenses for your team.

Core Capabilities

edge-architecture-overview-check-mark

Cloud-delivered

edge-architecture-overview-check-mark

Distributed enforcement for massive scale with no performance impact

edge-architecture-overview-check-mark

Lightweight agent lets security follow the user

edge-architecture-overview-check-mark

Automated Zero Trust policy

edge-architecture-overview-check-mark

Off-network protection

edge-architecture-overview-check-mark

Network agnostic – zero configuration
to existing network

edge-architecture-overview-check-mark

Complementary to EDR and endpoint security solutions, including CrowdStrike agent integration

edge-architecture-overview-check-mark

Endpoint-to-endpoint visibility

edge-architecture-overview-check-mark

Uses native OS firewall

edge-architecture-overview-check-mark

No host OS overhead

Illumio Edge Features

Find out more about how it works.

architecture-overview-ipad

Try Illumio Edge

Swag Request

Try Illumio Core