Adaptive Segmentationmicro-segmentation September 24, 2020

Illumio is a Leader in Zero Trust...So, How Did We Get Here?

Matthew Glenn, Senior Vice President of Product Management

When I first met Illumio’s co-founders Andrew Rubin and PJ Kirner in 2013, they were laser-focused on creating an allowlist based product for network segmentation. One of my favorite moments from those early days with PJ is when he asked, “Tell me about rule conflicts in an allowlist product?”

This was, of course, a trick question because there can be no rule conflict or rule ordering when an organization pursues an allowlist – there is no conflict when an organization pursues Zero Trust.

In 2013, the problem was that creating allowlists often breaks applications – so Illumination was born. Illumio was built at the workload level and from the beginning, we were checking many other Zero Trust boxes.

We made our first appearance in the Forrester Wave Zero Trust report three years ago. People were a bit surprised at our appearance, and there was pressure on us to do “more” beyond our data center and cloud product, but instead of throwing out features just to move up and to the right in the Wave, in a truly Illumio way – we stuck to our knitting and enhanced our already shipping data center product.

This year, we methodically moved out of the data center to the endpoint by not just using our agent, but also programming CrowdStrike’s agent – following Forrester’s Zero Trust credo of ‘use what an organization already has’.

The most grueling part of the Wave is a long form live demo, where your company must demonstrate how to solve a set of Zero Trust problems in front of the Forrester team. We had to prepare a set of demonstrations (from the endpoint to the data center and public cloud), fit them into the same amount of time we previously gave to just the data center and cloud offering, and answer questions from the analysts. 

Our Technical Marketing Engineering team rocked it! We are honored to be recognized by Forrester this year.

The Zero Trust Market

Over the last few years, interest in Zero Trust has been a tidal wave (pun intended). But more importantly, adoption has skyrocketed and we are now seeing enterprises approaching Zero Trust with end-to-end segmentation.

The market has shifted from a security strategy to full blown implementations. Zero Trust reduces risk from security breaches and other security threats, like ransomware, that can disrupt your business, both financially and operationally.

As defined by Forrester, there are multiple key components of a Zero Trust security strategy included in its Zero Trust Framework, including:

  • Network
  • People
  • Devices
  • Data
  • Workload

With automation/orchestration and visibility/analytics to tie it all together.

Zero Trust diagram

Source: https://www.forrester.com/report/The+Zero+Trust+eXtended+Ecosystem+Data/-/E-RES161356#figure1

A Whole New World Requires Zero Trust

We are operating in a “New World”. For the first time, the majority of users are working remote and off the campus network in a distributed work-from-anywhere model.

As a result, organizations are facing increased risks from new attacks and a widening threat landscape to protect across an increasing attack surface.

An effective Zero Trust strategy must evolve to address how your users work and communicate when they are on and off the corporate network.

In short, a more holistic approach to Zero Trust is more important than ever before.

Illumio: End-to-End Zero Trust

As I said above, Illumio was founded on the principle of least privilege to help organizations stop the lateral movement problem, and the ability for malicious actors to traverse a network in the data center and cloud.

By deploying a default-deny approach, Zero Trust policy on the endpoint and peer-to-peer communications between endpoints are blocked, except for essential traffic. This vastly reduces the risk of ransomware and malware spreading laterally across user laptops and workstations.

Illumio Core (previously known as Illumio ASP) and Illumio Edge fit naturally into the multiple tenets listed above and help organizations deploy end-to-end Zero Trust segmentation from the data center and cloud to endpoints.

This approach shifts the conversation to preventative containment, with a focus on preventing lateral movement between endpoints, between users and data center applications, and inside your data center and cloud environments.

As a result, micro-segmentation – a security control to stop lateral movement – has become a foundational component for Zero Trust.

Illumio a Leader in Forrester Wave

WaveBanner2020

Forrester evaluated 15 top vendors in the market, including many industry giants like Microsoft, Google, Cisco, Palo Alto Networks, and Okta. This year, we are thrilled to be a leader in Zero Trust, receiving the highest score across all the major categories: current offering, strategy, and market presence.

We believe this placement validates Illumio’s groundbreaking approach. We acknowledge and accept the responsibility that comes with leading an industry-changing market, and we look forward to continued innovation from our own product offerings and the industry as a whole.

To learn more about how Illumio can help you on your Zero Trust journey:

Adaptive Segmentationmicro-segmentation
Share this post:

Try Illumio Edge