User Segmentation


Ensure Users Can See Only Apps
They’re Authorized to Access

Users on a network may attempt to connect to any internal application, potentially breaching data center workloads that contain sensitive data using stolen credentials or brute force past weak passwords or by exploiting a vulnerability. Combating unauthorized access using traditional Network Access Control (NAC) solutions provides static, coarse-grained segmentation that relies on the physical network through VLANs and firewall zones.

Illumio Core™ controls visibility to applications through existing group memberships in Microsoft Active Directory. Policies are enforced based solely on the user’s identity and group memberships with no additional infrastructure changes. Two users in the same VLAN can have different policies and will only be able to connect to the applications they’re authorized to access.

Benefits

Eliminate the risk of unauthorized access

Private contractors can't connect to what they can't see—even by obtaining stolen credentials or through seeking to exploit weak passwords. 

Avoid the complexity of relying on infrastructure

Seamlessly leverage access details based on your existing profile configuration in Microsoft Active Directory, without the need to deploy or maintain a physical network-based solution.

Streamline administration through Microsoft Active Directory

Maintain a consistent policy with high granularity and without separately configuring applications, changing the network, or relying on underlying infrastructure.

October 14, 2019

"Illumio provides a great way to visualize traffic flows. Takes the guessing out of game, key component of our security tool belt since it allows us to apply least access privilege to our workloads."

Read More

Try Illumio Edge

Swag Request

Try Illumio Core