/
Zero Trust Segmentation

Secure Legacy Technology With Zero Trust Segmentation

Today’s complex IT systems have applications, data, and devices across cloud and on-premises environments. And it’s made even more complex with legacy technology. A common example in many organizations is instances in production on end-of-support servers such as Windows 2003.  

Organizations often have business-critical reasons for not updating or retiring legacy technology. The biggest challenge is how to protect this tech once it has reached end of support by the manufacturer.

This blog post will break down the security risks of legacy technology and how Zero Trust Segmentation can help.

A cybersecurity professional standing in front of an on-premises server

Why do companies keep legacy technology?

There are many reasons an organization may need to keep legacy tech:  

  1. Legacy applications: Often, organizations can’t upgrade a server because they rely on legacy applications designed to run on a specific version. These apps may not work with newer operating systems. This means rewriting or migrating them can take a lot of time and money. As a result, organizations continue to use old servers to maintain access to critical software.
  1. Custom configurations: Over time, organizations customize the ways their servers are configured to meet specific business needs. Moving to a new operating system would mean changing these settings which can be complex and high risk. And as technology ages, it may be more difficult to find people with the right technical knowledge to support a migration.  
  1. Hardware dependencies: Some hardware doesn’t work with newer operating systems. Switching the hardware along with upgrading the operating system can be too expensive.  
  1. Regulatory compliance: Many industries have strict compliance mandates to follow (like HIPAA, PCI, and GDPR). Companies may keep using old devices to avoid disrupting important processes that meet these requirements while they work on meeting new ones.

The risks of keeping legacy technology

As valid as the need may be, it grows more difficult to protect legacy technology as time passes. In the case of both Windows 2003 and 2008, they have reached end of support by Microsoft.

When technology is no longer supported, it means the manufacturer stops giving security updates or patches. Without updates, security weaknesses get ignored, making the system easier to attack. Over time, the number of security vulnerabilities grows, increasing the security risk.  

Legacy systems are also easier to attack. Newer operating systems have better security and, in turn, fewer ways of being attacked. Legacy systems such as Windows Server 2003 don't have these improvements, making them open to many types of attacks.

Illumio Zero Trust Segmentation protects legacy systems

Most organizations know that older, end-of-support technology has risks – but they also have good reasons to keep using them. That’s why Illumio supports legacy technology including Windows 2003 and 2008 (pre-R2).  

Illumio helps security teams lower the risk an attack to legacy systems with Zero Trust Segmentation (ZTS). ZTS is foundational to any Zero Trust architecture and is much simpler and quicker than attempting segmentation with static firewalls. With Illumio, teams can reduce security risk by limiting access to systems with known weaknesses with a least-privilege approach.  

By reducing the attack surface, ZTS contains the spread of breaches and ransomware attacks across hybrid, multi-cloud environments, even those with legacy technology.  

Reduce legacy tech risk with Illumio’s Legacy Windows VEN

Reduce legacy tech risk with Illumio’s Legacy Windows VEN

With Illumio’s Legacy Windows VEN (Virtual Enforcement Node), these steps can help protect legacy technology such as Windows 2003 and 2008 servers (pre R2):

  1. Install the agent and set up Illumio’s Flowlink to quickly see the current traffic between your workloads.
  1. Analyze the traffic to see where you need simple policy and where it would help to ringfence an application.
  1. Start creating rules to manage traffic on your legacy systems. This configures the built-in firewall of the operating system to enforce the rules you've set for your legacy Windows machines.

Once policies are put in place, these systems’ vulnerabilities immediately decrease. This helps lessen the effects of breaches and stops attackers from spreading through the network. Security weaknesses might still be present, but with ZTS, attackers can't get to the assets they want to exploit. And if a resource does get attacked, proper segmentation prevents attackers from reaching the rest of the network.

Contact us to learn how the Illumio Zero Trust Segmentation Platform can help you secure against the next potential attack.  

Related topics

No items found.

Related articles

5 Reasons Your Firewall Team Will Love Microsegmentation
Zero Trust Segmentation

5 Reasons Your Firewall Team Will Love Microsegmentation

The upgrade firewall administrators have long needed, micro segmentation moves the enforcement point to the application instance itself. Here’s how it works.

What’s Important in a Policy Model for Microsegmentation?
Zero Trust Segmentation

What’s Important in a Policy Model for Microsegmentation?

Of all the features to discuss in a micro-segmentation solution, most vendors wouldn’t start with the policy model.

Refocus on Cloud Security: How Zero Trust Segmentation Secures the Cloud
Zero Trust Segmentation

Refocus on Cloud Security: How Zero Trust Segmentation Secures the Cloud

Learn the 4 main ways that Zero Trust Segmentation secures the cloud from the spread of cyberattacks.

Get 5 Zero Trust Insights from Microsoft’s Ann Johnson
Cyber Resilience

Get 5 Zero Trust Insights from Microsoft’s Ann Johnson

Hear from Ann Johnson, Corporate VP of Microsoft Security Business Development, on cyber resilience, AI, and where to start with Zero Trust.

Illumio Simplifies Zero Trust Segmentation with Flexible Licensing
Illumio Products

Illumio Simplifies Zero Trust Segmentation with Flexible Licensing

New Illumio ZTS Platform licensing options mean your organization is even better positioned to meet the security needs of today’s ever-changing cloud, endpoint, and data center environments.

Learnings From 3 Recent Cyberattacks Point to Zero Trust Segmentation
Zero Trust Segmentation

Learnings From 3 Recent Cyberattacks Point to Zero Trust Segmentation

Recent cybersecurity incidents like those impacting MITRE, the Danish energy infrastructure, and the British Library are reminders of how important network segmentation is in reducing the impact of breaches and ransomware attacks.

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?