Industry: Real Estate
Environment: On-premises data center applications and gradual cloud adoption
Challenge: Lack of visibility and control of lateral traffic; risks posed by legacy servers and an unsegmented network
Solution: Real-time application dependency mapping and micro-segmentation from Illumio Core
Results: Comprehensive workload and application visibility; agile, flexible security policies; breach-ready assurance
As one of Australia’s largest commercial real estate companies, Investa has a powerhouse portfolio worth over $11 billion, with steady growth predicted for the future. The company consistently delivers high-quality real estate services and outperforms for its investors. Protecting that reputation puts a spotlight on how Investa is protecting its IT environment and business-critical applications.
With the growth of cyber threats to the real estate industry, the company took a proactive “assume breach” approach, focusing on strategy to limit the impact and spread should a breach occur. Investa needed internal data center and cloud segmentation. The search for a solution kicked into gear when the risk posed by a small number of legacy Windows servers with known but non-patchable vulnerabilities became too high. “Segmentation became an imperative next step to mitigate risk and protect new and legacy workloads,” said Nathan Powell, IT Operations Manager. “We needed a way to accurately identify, visualize, and control lateral traffic.”
Investa’s objectives would require a more granular degree of segmentation than network firewalls and other traditional methods offer. Beyond that, requirements included a solution that didn’t involve reconfiguration efforts and wouldn’t hinder the organization’s cloud adoption momentum.
Nathan sought “true micro-segmentation,” which led Investa to Illumio Core.
Independent of underlying infrastructure, Illumio Core delivers visibility and granular control across any data center and public cloud environment.
“The initial deployment of Illumio agents was easy,” according to Nathan. Soon after, the real-time application dependency map, known as Illumination, provided fast value. Investa had newfound visibility into the interconnections between applications and workloads – and a quick lesson learned: “Don’t make assumptions about your environment,” Nathan said. “Our application environment was more sophisticated than we originally thought. This insight validated our decision to use Illumio; designing traditional firewall policies to provide the same level of protection would have been far more complicated and time-consuming.”
Investa gleaned insights into how critical business applications work, how users connect with different systems, and unnecessary connections that present risk. These discoveries gave the team plenty to address and were critical to informing policy decisions while offering significant peace of mind.
“The visual feedback makes it easy to paint a clear, accurate picture of the controls we have in place for our executives. It assures them that we know exactly what is talking to what. No one wants to be the company that gets breached, but if that happens, we have peace of mind that it will be contained.”
The mapping and policy decision processes have also enhanced relationships with application owners and teams. As Investa deploys new applications in the cloud, Illumio Core will continue to be an enabler of transformation – without sacrificing security.
The real-time application dependency map provides context down to individual workloads, showing services running on the workloads and traffic flows between them, to help Investa better understand risk across environments.
The team can easily share updates with executives and include a visual representation of Investa’s application environment and segmentation status, providing assurance that Investa is primed to limit an attacker’s mobility and minimize the impact of a potential breach.
Infrastructure-independent micro-segmentation is ideal for dynamic environments, and with cloud adoption initiatives already in progress, Illumio Core gives Investa the ability to consistently protect applications deployed into any public cloud without introducing new networkbased risks.
Illumio Core has facilitated cross-team collaboration, pulling application owners into the policy decisionmaking processes and driving alignment around what needs to be done for security.
