AmLaw 10 Firm Aces Client Security Audits with Illumio

An agent-based solution to boldly go where firewalls, network-based, and hypervisor-based solutions don’t — everywhere.


Industry: Legal Services

Environment: Data center of 2,000 servers and 100+ applications, with pending cloud migration

Challenge: Segmentation across heterogeneous environments – without the complexity of firewalls

Solution: Illumio’s Zero Trust-friendly micro-segmentation based on full application visibility

Results: Uniform, infrastructure-agnostic segmentation, including Azure, without touching the network

Customer Overview & Challenge

An AmLaw 10 law firm faced ongoing security audits to ensure it was adequately isolating sensitive evidentiary data for its client base in highly regulated industries. In the wake of penetration testing, the IT team also sought to segment and ringfence its applications to prevent the spread of any potential breaches. The firm’s security needs had grown; comprehensive, audit-ready segmentation was not optional.

Yet the IT team struggled to fit an existing firewall solution to the purpose. While relatively small in scale, the 2,000-strong server farm supported 100+ mission-critical applications, requiring a high degree of rule complexity. Moreover, a pending cloud migration meant environments were shifting outside the network. Software-defined networking (SDN) could not perform adequately for the task and was financially untenable. Hypervisor-based segmentation was a non-starter due to incompatibility with the firm’s standard hypervisors and servers. Decoupling security from the network with an infrastructure-agnostic approach was critical to gaining uniform segmentation across environments.

Illumio Solution

The IT team chose Illumio Core™ as a software-based solution that could apply consistent policy to heterogeneous sources, including the cloud, and stood up its Policy Compute Engine (the “central brain” of the solution) in 45 minutes to begin creating policy.

But there were operational benefits too, as the firm began working with application owners to build and enforce policy. Beyond making segmentation architecturally possible across the data estate, Illumio helped the firm gain efficiencies in understanding and troubleshooting application traffic. Application owners empowered with visibility could see where traffic was blocked and adjust policy according to easily understood labels in natural language, without talking to the networking team or dealing with IP addresses.

Since initial deployment, the firm has established evergreen client reporting to streamline its audit documentation obligations, designed more granular segmentation as part of its Phase Two “honeycombing” efforts, and plans to tighten up IP lists with nano-segmentation in Phase Three.

Customer Benefits

Full compute visibility

Illumio’s real-time application dependency map, Illumination, gave the security team visibility across all forms of compute in the data estate, and gave app owners a new understanding of the users and traffic communicating with their programs, to inform design and improve security.

Zero Trust with natural language usability

Allowlist policies are created with human-understandable metadata tags (Role, Application, Environment, Location) to align with business objectives and increase usability over trolling through IP addresses to design firewall rules.

Streamlined onboarding

Workloads come online with Illumio labels, which inherit any policies whose scope matches the labels, making it easy for the firm to scale applications securely.