ServiceNow Finds the Smarter Way to Segment Using Illumio

Protecting critical systems across Azure, AWS, and on-premises data centers



Industry: Software-as-a-Service (SaaS)

Environment: Multi-cloud deployment across Azure, AWS, and on-premises data centers

Challenge: Enabling a microsegmentation solution with flexibility on-premises and in the cloud and the reliability to maintain compliance with client audits

Solution: Illumio Secure Cloud to secure domain controllers and internal core services through segmentation and visibility that works across locations globally

Results: Seamless security policies and visibility with proven reliability and simplicity, addressing flat network concerns

Customer Overview & Challenge

As the premier cloud platform for IT service management, ServiceNow clients have high expectations of the cloud giant’s IT department. They meet these expectations by following security best practices and using the best tools available, but a steady stream of client audits regularly puts them to the test.

When they identified the need to address a flat network and properly secure their domain controllers and core services, Principal IT Security Architect, Joel Duisman, knew it was time to refine their network segmentation strategy.

As a VMware shop, Joel got his hands dirty trying out a hypervisor-based microsegmentation solution first. But, ultimately, cost and technical flexibility factors forced his team to try a second vendor. The team now had the segmentation chops to set up rules and turn the solution on quickly, but they ran into critical technical problems, including known product issues and inexplicable breakages, and found they couldn’t stand up the deployment.

Despite these vendor challenges, microsegmentation was still a requirement. ServiceNow needed a flexible, foolproof solution and a vendor with a transparent design.

Illumio Solution

As the saying goes, third time’s a charm. For Joel, the idea of using Illumio wasn’t novel. As an “old school” (in his own words) but innovative architect, he knew Illumio’s solution could meet their needs to be client-audit ready; to go to the cloud with them as they deployed domain controllers in Azure and AWS; and to be operationally safer and simpler to implement and maintain than hypervisor- and network-based approaches.

“As an architect, I prefer clean solutions that I can easily explain. Architecturally, Illumio is not complicated because it acts as a control plane for existing server firewalls. With the other vendors, diagnosing issues can depend on tools and information that we do not have access to.”

Joel and team followed a deliberative, phased rollout process to balance their security requirements with the residual internal trepidation within the business from previous microsegmentation vendor challenges. They started with domain controllers, and “it went off without a hitch — there were no service interruptions, and that is key,” Joel explained.

The team has found the visibility gained across their environments using Illumio’s real-time application dependency map, Illumination, to be vital to their continued success.

“High-quality information on traffic patterns is valuable. The gold standard up until now has been full packet capture, but that is expensive and takes a lot of effort. Illumio provides the solution to two security challenges. The map allows us to see what is talking to what and to go back to a server and see when the server’s behavior changes. We use Illumio’s integration with Splunk for quick insights and alerts. We feel confident that we’re protected. Illumio makes it easy to become a real expert at your own application behavior.”

Customer Benefits

Seamless SIEM integration

Using Illumio’s integration with Splunk, the team has more security and operational insights into their Illumio-secured environments and can detect, alert, and quarantine in a few clicks.

Real-time visibility

The Illumination map is an invaluable multipurpose tool for the team, used for building segmentation policies and seeing what’s talking to what for compliance, incident response, and disaster recovery testing.

Consistent protection across multi-cloud

The segmentation policies work consistently across Azure, AWS, and on-premises data centers to protect critical systems, with no interruptions.

Easy and reliable for the win

The team scored their much-anticipated microsegmentation win with a phased rollout and the Illumio team just a phone call away — helping to make them segmentation heroes.


I sleep better at night knowing that Illumio closes the doors on potential attacks against our domain controllers. The demonstrable risk to the environment is noticeably lessened.

Joel Duisman, Principal IT Security Architect