The Future of Cyber Resilience: Illumio and NVIDIA Pioneer a New Era of Zero Trust Security

In 2014, a steel mill in Germany went up in flames. Not because of human error or mechanical failure — because of a cyberattack.  

Attackers breached the facility’s network and took aim at the industrial control systems managing the blast furnace. These systems, designed to regulate extreme temperatures during steel production, failed to shut down properly. The result was a fire that caused massive physical damage, all triggered by malware, not explosives.

It was one of the first high-profile examples of a digital attack causing real-world destruction in an operational technology (OT) environment. And it was just the beginning.

Today, attacks like these have become far more sophisticated. OT environments remain a prime target, especially in sectors like manufacturing, energy, and healthcare, where disruptions can be catastrophic.

Defending critical infrastructure now means converging IT and OT security and doing it in a way that delivers real-time visibility, proactive containment, and AI-level speed.

In this post, we’ll explore how Illumio and NVIDIA are partnering to bring that next-gen approach to life with integrated AI-driven segmentation and breach containment built for the new threat landscape.

OT devices often can’t be secured with traditional IT agents  

Software agents are often used to deliver security solutions to workloads. But much of the time, OT devices don’t support their deployment.  

Many OT devices perform very specific tasks. This means they often aren’t controlled with general-purpose operating systems. As a result, third-party software can’t be deployed on them, which means security solutions must be deployed somewhere else.

That’s why OT devices need purpose-built security deployed as close as possible to the OT environment without actually changing the OT devices. Illumio and NVIDIA have partnered to make this possible with a modern breach containment approach.

Automatically see, detect, and close security gaps with Illumio

Cyber threats generally appear first in the IT-managed side of an environment. From there, attackers attempt to breach the network boundaries to reach OT resources.

To discover this suspicious activity — and stop threats from spreading laterally through your network — it’s crucial for security teams to be able to visualize these threats’ propagation patterns on IT-managed resources.  

Illumio delivers this visibility at any scale.

With the Illumio Platform, you can get a global map of all communication between all workloads in cloud, endpoint, and data center environments, including OT environments. Illumio eliminates all blind spots, revealing all communication patterns in and out of OT resources.  

A diagram of the Illumio breach containment platform

Using this information, Illumio will proactively disable all open ports that aren’t required between workloads, both within and between IT and OT environments. It’ll then make exceptions as needed.  

Illumio continuously monitors all open ports across their life cycles using AI-driven analysis of network behavior. This detects any changes in traffic patterns and application network behavior that fall outside of expected baselines.  

There are usually only a small number of use cases for any traffic moving between IT-managed and OT resources, so creating a narrow allow-list of approved traffic is the foundation of a robust OT security architecture.  

Visibility comes first, which helps you decide how to define the required enforcement security model.  

Illumio extends enforcement to OT with NVIDIA BlueField

NVIDIA BlueField-3 DPU

The NVIDIA BlueField data processing unit (DPU) is an accelerated cybersecurity platform with integrated enforcement capabilities, available as a PCIe add-on card.  

BlueField can be installed on systems that host OT resources or deployed directly in front of OT devices. This enables delivering a security enforcement point as close as possible to OT environments without modifying the OT devices themselves.

Clear up OT blind spots across IT and OT

Illumio will receive telemetry from OT asset discovery platforms, such as Armis and Claroty. These platforms contain granular information on those assets and context on the services running on them.

Illumio populates OT devices into its global visibility map and uses the context received from the discovery platforms to assign information to each OT device. It displays all network behavior and application dependencies between OT devices and all activity between them and IT-managed workloads.  

Powered by NVIDIA BlueField, Illumio eliminates all blind spots in OT environments.  

Illumio enables continuous monitoring of all OT devices. It delivers clear visibility using the same label-based policy model as Illumio uses for all cloud, data center, and endpoint environments.  

See OT devices and app behavior by business function or owner

Users understand OT devices by what functions they perform and what business unit or agency owns them. That’s why it doesn’t make sense to visualize devices by their network addressing or within the framework of the Purdue Enterprise Reference Architecture (PERA).

With a flexible labeling policy model from Illumio, you can visualize all OT devices and application behavior by their business function or owner. This makes it easier to see and understand where your OT devices are and how they’re communicating.  
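The narrow IT-to-OT allow-list and the view of devices by function and owner described above, as an added sketch (not Illumio's policy format or API): a default-deny check over constructed flow records. The label names, addresses and rules are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed inventory: address -> labels. Sample data, not from any product.
LABELS = {
    "10.1.0.10": {"zone": "IT", "function": "historian", "owner": "plant-ops"},
    "10.1.0.55": {"zone": "IT", "function": "workstation", "owner": "finance"},
    "10.9.0.20": {"zone": "OT", "function": "plc", "owner": "plant-ops"},
    "10.9.0.21": {"zone": "OT", "function": "hmi", "owner": "plant-ops"},
}

# Allow-list on labels: (src function, dst function, protocol, dst port).
ALLOW = {
    ("historian", "plc", "tcp", 502),  # historian polls PLCs over Modbus/TCP
    ("hmi", "plc", "tcp", 502),        # operator HMI to PLC
}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    port: int

def evaluate(flow):
    """Default deny: return 'allow', 'deny-unlabelled', 'deny-boundary' or 'deny'."""
    src, dst = LABELS.get(flow.src), LABELS.get(flow.dst)
    if src is None or dst is None:
        return "deny-unlabelled"  # unknown device: never implicitly trusted
    if (src["function"], dst["function"], flow.proto, flow.port) in ALLOW:
        return "allow"
    return "deny-boundary" if src["zone"] != dst["zone"] else "deny"

def describe(flow):
    """Render a flow by function and owner instead of by address."""
    s, d = LABELS[flow.src], LABELS[flow.dst]
    return (f"{s['function']}({s['owner']}) -> "
            f"{d['function']}({d['owner']}) {flow.proto}/{flow.port}")

def boundary_violations(flows):
    """Label-level descriptions of IT/OT crossings that have no allow-list entry."""
    return [describe(f) for f in flows if evaluate(f) == "deny-boundary"]

# Constructed flow records, standing in for an exported flow log.
SAMPLE_FLOWS = [
    Flow("10.1.0.10", "10.9.0.20", "tcp", 502),  # approved historian poll
    Flow("10.1.0.55", "10.9.0.20", "tcp", 502),  # finance workstation to PLC
    Flow("10.1.0.10", "10.9.0.20", "tcp", 22),   # approved pair, wrong port
    Flow("10.9.0.21", "10.9.0.20", "tcp", 502),  # HMI to PLC inside OT
]
```

Calling `boundary_violations(SAMPLE_FLOWS)` reports the finance workstation reaching the PLC and the historian using an unapproved port, each named by function and owner rather than by IP address.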

Automatically contain breaches before they spread

Illumio aligns with the Industry 4.0 model, which incorporates:

The Illumio breach containment platform, including Illumio Insights and Illumio Segmentation, discovers all application dependencies everywhere, including OT devices, and isolates inevitable breaches without the overhead of a complex solution.

With Illumio and NVIDIA BlueField, you can enable an assume-breach security architecture and ensure breaches don’t interrupt normal production.  

Illumio + NVIDIA: Consistent Zero Trust security in OT environments

Securing OT environments is no small feat. It’s a complex challenge that demands a solution built to scale without slowing down your operations.

The integration of Illumio and NVIDIA BlueField delivers exactly that. By embedding security directly into the infrastructure, this joint solution brings OT workloads into the fold of your existing SecOps workflows.

It’s Zero Trust extended to OT. And it’s how you protect critical systems at the speed and scale today’s threats demand.

To learn more about how Illumio works with NVIDIA BlueField, contact us today for a free consultation and demo.
