As the saying goes, third time’s a charm. For Joel, the idea of using Illumio wasn’t novel. As an “old school” (in his own words) but innovative architect, he knew Illumio’s solution could meet their needs to be client-audit ready; to go to the cloud with them as they deployed domain controllers in Azure and AWS; and to be operationally safer and simpler to implement and maintain than hypervisor- and network-based approaches.
“As an architect, I prefer clean solutions that I can easily explain. Architecturally, Illumio is not complicated because it acts as a control plane for existing server firewalls. With the other vendors, diagnosing issues can depend on tools and information that we do not have access to.”
Joel and team followed a deliberative, phased rollout process to balance their security requirements with the residual internal trepidation within the business from previous microsegmentation vendor challenges. They started with domain controllers, and “it went off without a hitch — there were no service interruptions, and that is key,” Joel explained.
The team has found the visibility gained across their environments using Illumio’s real-time application dependency map, Illumination, to be vital to their continued success.
“High-quality information on traffic patterns is valuable. The gold standard up until now has been full packet capture, but that is expensive and takes a lot of effort. Illumio provides the solution to two security challenges. The map allows us to see what is talking to what and to go back to a server and see when the server’s behavior changes. We use Illumio’s integration with Splunk for quick insights and alerts. We feel confident that we’re protected. Illumio makes it easy to become a real expert at your own application behavior.”