Illumio believes that the Zero Trust approach to cybersecurity is a strong one: "never trust, always verify” – trust nothing inside or outside your perimeter; verify everything trying to connect to your systems and your high-value assets. As I travel around the world meeting with customers, I hear the words "Zero Trust" more and more. After speaking with Dr. Chase Cunningham of Forrester about the "why" of Zero Trust, I personally bought in. Tactics and technologies can come and go, but a philosophy (and strategy) implies long-term guiding principles that customers can apply to product purchasing trade-offs – and to this end, Zero Trust provides long-term guidance rather than a specific product recommendation.
The Zero Trust Report
The Q418 Forrester Wave report on Zero Trust eXtended (ZTX) Ecosystem Providers informs long-term strategy by which organizations can achieve a better security posture. While the report profiles 14 vendors who most closely align with Forrester's ZTX Framework, it does not bake off vendor’s products; Forrester Wave reports are not product reviews. The Zero Trust report looks at how each product falls into the following strategic areas:
- Network security (of which micro-segmentation is a part)
- People – ensuring that people only access those things that they are entitled to
- Workload security – security of workloads in the data center
- Device security – security of devices like laptops, phones and tablets
Forrester asks that all of these different solutions tie things together using automation and orchestration, and provide visibility and analytics across all of the pillars.
The process of getting into the Zero Trust Wave requires answers to a very long list of questions, customer references from different industries, documentation about revenue, and deep-dive demonstrations that show how you align to Forrester's Zero Trust eXtended Framework. Dig into the methodology here.
ILLUMIO SHINES IN THE WAVE
Illumio is proud to be named a "Strong Performer" in the Forrester Wave Zero Trust eXtended (ZTX) Ecosystem Providers report in our first year evaluated, placing well above traditional micro-segmentation vendors.
Dr. Chase Cunningham, principal analyst serving security & risk professionals, Forrester, writes in the report:
"A key factor for any Zero Trust enterprise or strategy is to know what assets and controls are in place and to be able to understand, with context, what transactions and threats are critical to the business. In this regard, Illumio shines. The technology provided by [Illumio] aligns well with enabling the establishment of Zero Trust for an organization, and its ability to provide the contextual insight of threat areas and workflows for both security and continuity stand out in the space.”
How did we get here?
Here is a partial list of the demonstrations that we did live and within our allotted 90 minutes (thank you awesome Technical Marketing Engineer, Janani Nagarajan):
- Orientation of the Illumio UI
- RBAC settings
- Syslog configuration
- Integration with enforcement points
- SIEM Integration and Splunk App for Illumio
- CMDB Integration with ServiceNow and application
- Workflow – labeling, policy states, and policy creation
- Encryption using SecureConnect and SecureConnect Gateways
- Device management using unmanaged workloads and switch enforcement
- User segmentation
- Cloud workloads identification and integration
- Vulnerability integration
- NAC integration
- Containers, Kubernetes, and OpenShift integration
- Support portal and API documentation
When we finished the final demonstration (not a second too late), the collective team collapsed in exhaustion. We saved our elation until the Wave was released.
Here are some highlights of our placement in the Wave:
- Out of all of the micro-segmentation solutions in the Zero Trust Wave, Illumio received the highest scores.
- Illumio received top marks in several areas beyond Zero Trust networks, including workload security and analytics.
- Only two startups appeared in the Wave – Cyxtera and Illumio.
- Illumio entered one product into the Zero Trust Wave: the Adaptive Security Platform®. Other vendors placed multiple products. (What’s more, we don’t ask our customers to act like systems integrators to make our product work – it is one platform, one SKU, all the capabilities.)
We encourage you to check out the report.
Look for us to write more about Zero Trust in future blog posts. Please feel free to ask me any questions. I look forward to the dialogue.