USER segmentation


Traditionally, when users are allowed within a network, they can see and connect to any internal application, regardless of whether they are authorized to access them. This means unauthorized users can gain access to sensitive data and applications with stolen credentials, through weak passwords, or by exploiting an application vulnerability. Network Access Control (NAC) solutions aim to prevent unauthorized access by lumping groups of users into VLANs and firewall zones, but heavy reliance on the physical network makes these solutions hard to deploy and maintain.


The Illumio Adaptive Security Platform (ASP)™ dynamically enforces connectivity to applications based on users’ identities.

  • Prevents unauthorized users from seeing and connecting to applications.
  • Permitted connectivity is based on user identity from Microsoft’s Active Directory.
  • Adds a layer of security that was previously too unwieldy to practically deploy.
  • Provides highly granular connectivity policies without any reliance on underlying infrastructure.
  • No network changes are required to enforce the policies.
  • Hides applications from unauthorized users. 
User-to-Application Connectivity screenshot
Attack Surface Assessment

Free Report


Get network and application-level visibility into your data center and cloud with Illumio's assessment.

Start now »