AFA Försäkring Protects Against Lateral Movement With Illumio
Overview and challenges
More than 4.8 million Swedish citizens — nearly half the population — rely on AFA Försäkring (AFA) for workrelated insurance. Providing health and life coverage for private and public sector employees, the company manages approximately 195 billion (4.8B USD) in assets.
With a wealth of sensitive information and services at stake, insurers like AFA are prime targets for attack.
That’s where the need for better segmentation to effectively safeguard their systems and minimize the impact of a breach came in. Using VLANs and firewalls became too complex and time-consuming — and proved inadequate for stopping lateral movement. The need to adhere to regulations like GDPR only raised the stakes.
As Head of Department IT Infrastructure, Mikael Karlsson, explained: “We couldn’t keep up with the number of VLANs and firewall rules needed to properly segment our network. Finding a microsegmentation solution was critical to address both lateral movement and increasing regulatory demands.”
How Illumio helped
It wasn’t long before AFA discovered and deployed Illumio Core. After the initial demo, Karlsson determined that it was the right solution and was keen to pursue a pilot.
“I decided almost immediately that this is something we wanted to test,” said Karlsson. “The simple yet powerful graphical map provided visibility that we never had before. I knew that it would be invaluable to easily understand and control what’s happening inside our network.”
Making up for time spent trying to segment with VLANs and firewalls, within two short months, the team identified their high-value applications, set their strategy, and installed Illumio Core.
For a small core team with a big mission, the real-time application dependency map, Illumination, has been invaluable. They can now easily monitor East-West traffic between workloads and applications in their data centers, which is key to GDPR requirements for visualization and an understanding of connectivity.
Gaining live visibility into flows between workloads down to the paths of protocols provided immediate value. Stefan Löfqvist Network Security Engineer AFA Försäkring
For Network Security Engineer, Stefan Löfqvist, who bears the responsibility for firewall operations and Illumio Core, time is of the essence, so the efficiencies gained from the product are essential.
“Gaining live visibility into flows between workloads down to the paths of protocols provided immediate value,” said Löfqvist. “The ability to use the map to easily allowlist traffic and achieve the level of segmentation needed will be a tremendous time-saver over manually programming firewall rules.”
The map also allows AFA to test segmentation policies before they go into enforcement. They can now execute their segmentation strategy confidently, whether separating production from non-production environments or ringfencing applications, knowing that they won’t face downtime or risk business disruption.
Results and benefits
- Ongoing visibility
The team can derive actionable insights from Illumio Core’s always-on, comprehensive map of application components, communications, and dependencies.
- Sustainable, simplified operations
The intuitive interface makes Stefan’s life easier and enables him to work on microsegmentation initiatives much more efficiently than he could with VLANs and firewalls.
QBE Insurance Strengthens Its Zero Trust Security With Illumio
For QBE, microsegmentation reduces complexity and risk across a globally distributed infrastructure.
Frankfurter Volksbank Invests in Illumio for Compliance Success
Frankfurter Volksbank met key regulatory requirements with micro-segmentation controls and real-time visibility into application traffic.
Illumio Provides Unparalleled Visibility in 3 Hours for Mondi Group
Mondi Group achieved mission-critical security and transparency in a globally distributed network, gaining insights it had sought for years.