ServiceNow Finds the Smarter Way to Segment Using Illumio

As the premier cloud platform for IT service management, ServiceNow clients have high expectations of the cloud giant’s IT department. They meet these expectations by following security best practices and using the best tools available, but a steady stream of client audits regularly puts them to the test.

When they identified the need to address a flat network and properly secure their domain controllers and core services, Principal IT Security Architect, Joel Duisman, knew it was time to refine their network segmentation strategy.

As a VMware shop, Joel got his hands dirty trying out a hypervisor-based microsegmentation solution first. But, ultimately, cost and technical flexibility factors forced his team to try a second vendor. The team now had the segmentation chops to set up rules and turn the solution on quickly, but they ran into critical technical problems, including known product issues and inexplicable breakages, and found they couldn’t stand up the deployment.

Despite these vendor challenges, microsegmentation was still a requirement. ServiceNow needed a flexible, foolproof solution and a vendor with a transparent design.

As the saying goes, third time’s a charm. For Joel, the idea of using Illumio wasn’t novel. As an “old school” (in his own words) but innovative architect, he knew Illumio’s solution could meet their needs to be client-audit ready; to go to the cloud with them as they deployed domain controllers in Azure and AWS; and to be operationally safer and simpler to implement and maintain than hypervisor- and network-based approaches.

“As an architect, I prefer clean solutions that I can easily explain. Architecturally, Illumio is not complicated because it acts as a control plane for existing server firewalls. With the other vendors, diagnosing issues can depend on tools and information that we do not have access to.”

Joel and team followed a deliberative, phased rollout process to balance their security requirements with the residual internal trepidation within the business from previous microsegmentation vendor challenges. They started with domain controllers, and “it went off without a hitch — there were no service interruptions, and that is key,” Joel explained.

The team has found the visibility gained across their environments using Illumio’s real-time application dependency map, Illumination, to be vital to their continued success.

“High-quality information on traffic patterns is valuable. The gold standard up until now has been full packet capture, but that is expensive and takes a lot of effort. Illumio provides the solution to two security challenges. The map allows us to see what is talking to what and to go back to a server and see when the server’s behavior changes. We use Illumio’s integration with Splunk for quick insights and alerts. We feel confident that we’re protected. Illumio makes it easy to become a real expert at your own application behavior.”