Segmentation has been around since networking’s inception. Originally, it was used to limit the size of broadcast domains. However recently, it has become an important security tool.
The transition from monolithic application models to an architecture running on micro-services drove the need for very flat, high-performance network fabrics. On the other hand, the need to keep aspects of each application separate drove organizations to segment traffic based on security requirements. Initially, firewalls were a viable solution for this problem—first hardware-based, then virtual, and finally distributed.
In response to a question about the market desire for motor cars, Henry Ford is reported to have said, “If I had asked people what they wanted, they would have said ‘faster horses.’” This reflects human desire to stick with familiar things and push technology beyond its capacity. The problem with a traditional firewall, regardless of its formfactor, is that for fine-grained segmentation of high value assets, it is just a “faster horse”. What organizations really need is a race car.
Segment on your journey to Zero Trust
Segmentation is a foundational component of Zero Trust because it acts as the gatekeeper between resources that need to be separated but still need to communicate. The most sensible way to deliver this enforcement is to place it as close to the workload as possible – or, preferably, in the workload. This is the only way to scale for performance, platform support, and geographical diversity.
So, why is it that not every organization is doing this already? Quite simply, there is a concern that the volume of rules and complexity of the computing environment will overwhelm the teams tasked with such implementation. This could lead to an extended timeframe or potential failure of the project.
Today, Illumio announced product enhancements that remove this concern and de-risk any segmentation project, regardless of size or complexity. Here are the highlights:
Gain real-time application insights
Often, breaches are caused by unknown servers, unpatched workloads or misconfigured firewalls. When there is a lack of understanding of the interaction between applications and other systems, organizations cannot do anything to stop the spread of an attack.
Illumio Core now simplifies how to visualize and gain insights from all application communication (from one centralized view) to create, test, and enforce security policy across network, security, and DevOps teams without disrupting business-critical applications. This accelerates the move to Zero Trust Segmentation.
Simplify policy creation
When organizations rely too heavily on firewalls, it often results in misconfiguration. There is a high volume of rules that must be manually created, and there are often clashes when allowlist and denylist rules are not in the correct order.
With a point-and-click approach to policy creation, Illumio Core automatically generates all the required rules for a given workload—in minutes. New Enforcement Boundaries place a barrier between environments like Development and Production without the need to worry about rule ordering, cutting the time needed to achieve Zero Trust Segmentation.
Segmentation as a team activity
Traditionally, organizations develop a department of segmentation, where a single group spends all of their time building firewall rules. However, this does not fit the modern way of building and managing applications.
Illumio Core allows users to see their application, independent of location. By allowing app owners to identify and isolate information, Illumio Core delivers greater visibility into individual applications, bringing teams together and ultimately simplifying the policy creation process.
Test before enforcement
One simple mistake can have catastrophic consequences by either stopping an application from working or leaving a door open that a cybercriminal can enter. The trick to not making a costly mistake that shuts down the business is to test and model policies before enforcing them.
Illumio Core introduced new visibility modes that allow for the testing of policies using live traffic, without affecting the flow of data. The impact of allowed, blocked or potentially blocked links can be viewed and can also trigger alerts in an organization’s SIEM system as if the rules were live.
Consistent enforcement at any scale in any environment
Business agility is a key requirement in today’s world. As we know, organizations come in any size, and all have individual needs and differing levels of complexity that adds risk. Also, as organization’s modernize and move to the cloud, there should be no variation in the way that policies are configured.
Illumio Core can scale from 1 to over 100,000 workloads without adding extra equipment or changing the way organizations configure policies. With the unique way that Illumio communicates with workloads, the entire network can reach full enforcement within minutes.
The enhancements to Illumio Core make it the simplest and quickest solution to meet the needs of Zero Trust Segmentation. By removing the complexity of traditional firewalls and enabling policy modeling before they go live, organizations can de-risk the roll out of segmentation.
To learn more:
- Check out this Illumio Core video
- Read the Illumio Core overview
- Attend our upcoming webinar: Automated Enforcement Advances: Protecting Against Ransomware and Cyberattacks Webinar
- Sign up for an Illumio Experience event to test the product yourself