Backed by a company that understands the importance of investments in technology and has confidence in its IT leader to make savvy decisions, Francis chose Illumio Core for Hartwig’s data center segmentation needs.
“Illumio Core looked about a million times easier and was significantly less expensive than the initial vendor we considered,” Francis says.
He estimates that Hartwig spent a quarter of what they would have with the hypervisor-based solution — in both dollars and time. Saving tens of thousands of dollars is no small win for Hartwig.
As a visual worker, Tim gained immediate value from Illumio Core’s built-in real-time map.
“I got a tremendous amount of insight into our environment and the traffic flows I need to understand before I could even think about building policies,” Francis says. “The adage that ‘a picture is worth a thousand words’ definitely applies.”
Francis took a deliberate approach to deployment, starting by understanding the connections and flows across the data center. He then began turning off unused services. Shutting down the associated open ports and potential connections that attackers could exploit significantly reduced Hartwig’s attack surface.
Illumio Core’s easy-to-understand labeling system further simplifies visualization and facilitates policy creation. The map makes it easy to craft policies that only allow trusted communications. Francis also took advantage of Illumio Core’s test mode, allowing him to model and test policies against existing traffic flows to assess impact before enforcement.
While Hartwig successfully enforced Zero Trust Segmentation server policies, the desire — and need — to extend Zero Trust protection to employee laptops increased when Hartwig’s largely remote workforce became fully remote due to COVID-19 office closures. Alternative approaches like writing Group Policy Objects would be untenable. Francis wanted a centrally managed endpoint solution that is SaaS-based.
And then came Illumio Edge, a first-of-its-kind Zero Trust endpoint solution introduced in June 2020. Illumio Edge ensures that if an employee laptop is hit with ransomware, the attack will be contained to that machine.
It was the onset of the pandemic, and spending was closely monitored. But with established trust in Illumio and a sense of urgency for ransomware resilience, Illumio Edge was approved as the most efficient and economical way to protect the company’s endpoints.
Hartwig quickly deployed Illumio Edge across its entire employee laptop estate, and the learning curve was easy. Setting up automated allowlist policies was as simple as selecting the peer-to-peer applications and services like Microsoft Teams that Francis wanted to permit.
Similar to Illumio Core, Illumio Edge provides the option to test policies before moving to enforcement. Hartwig can now confidently and safely prevent ransomware from propagating without disrupting employee productivity or business operations.
Policy follows the user whether on or off the network. Illumio Edge also provides a view to monitor blocked traffic between endpoints to identify any potential ransomware.