How Illumio Helps Federal Agencies Secure Mainframes
Mainframes are still everywhere in government IT.
And while most of the cybersecurity world is busy chasing containers, microservices, and Kubernetes, federal agencies are facing a quieter, more persistent challenge.
How do you secure mission-critical mainframes that can’t (and won’t) be replaced?
Mainframes aren’t going anywhere, but traditional security tools aren’t built for them. That’s a compliance and risk problem. Illumio has a solution.
Mainframes are mission critical for federal agencies
It’s time to change the way we talk about mainframes. “Legacy” doesn’t mean obsolete, especially not in government. Technology isn’t legacy if it’s serving your mission.
Federal agencies rely on mainframes because they work. They’re reliable, they’re scalable, and they’re already integrated into the most sensitive and critical parts of the mission.
But despite their continued use, they’re often treated like relics, especially by today’s security tools, which prioritize the latest platforms over the ones agencies still depend on.
The EDR mandate: when requirements outpace reality
The latest Binding Operational Directives (BODs) from CISA, like BOD 23-01, require federal systems to have endpoint detection and response (EDR) capabilities.
That’s great on paper. But there’s one big issue: there is no EDR solution for mainframes.
This is where agencies are getting stuck. They’re failing security validations because their mainframes can’t support the mandated tools.
But replacing those systems or refactoring them into the cloud isn’t an option, especially not at scale, not quickly, and not affordably.
What agencies need is a compensating control — a way to meet the spirit of the BOD requirements without shoehorning unsupported tech into a critical environment.
That’s where Illumio comes in.
Illumio: a proven compensating control for mainframes
Illumio gives agencies the ability to monitor, control, and enforce security policy on mainframes — and across any other workload, even ones that traditional EDR tools don’t support.
In fact, with Illumio, agencies are often getting more than EDR tools provide.
Illumio uses flow data and context to classify workloads, understand how systems communicate, and enforce policies that limit lateral movement.
These are the exact controls you need to reduce risk and meet Zero Trust mandates, whether or not there’s an EDR agent in place.
And Illumio doesn’t stop at mainframes. The platform supports a wide range of uncommon or older operating systems that are still widely used in government:
- IBM Z, iSeries, and other mainframe environments
- Solaris, AIX, Oracle Linux
- Windows Server 2003 and 2008
- Citrix, F5, BMC, and more
Don’t let legacy infrastructure block Zero Trust
The push for Zero Trust has forced agencies to rethink their perimeter-based defenses. That’s a good thing.
But not every system can be rebuilt in the cloud or swapped for a new platform.
The reality is that there are a lot of old operating systems in government that aren’t going anywhere. They’re still running the mission. So instead of ignoring them or hoping they go away, we need to secure them where they are.
That’s the heart of Illumio’s approach. Agencies don’t need to modernize everything at once. They should focus on securing what they have today and do it in a way that aligns with Zero Trust principles.
If it serves the mission, it deserves protection
Mainframes aren’t going away in federal networks. And pretending they don’t exist — or can’t be protected — isn’t an option.
Illumio gives federal agencies a clear path to Zero Trust that includes their most difficult-to-secure systems.
Whether you’re under pressure from a binding operational directive or just trying to modernize at your own pace, we’re here to help you secure every workload, even the ones no one else can.
Ready to protect your mainframes? Get in touch with our experts today.