Illumio Achieves Federal Common Criteria Certification for Enterprise Security Management

First Security Segmentation Solution Certified for US Defense Agencies

SUNNYVALE, Calif. – Aug. 27, 2019 – Illumio, a cybersecurity leader delivering micro-segmentation, today announced that it has completed the rigorous and comprehensive security testing and evaluation for Common Criteria certification. Illumio’s solution is now the first segmentation solution to be certified for the National Information Assurance Partnership (NIAP) Protection Profile for Enterprise Security Management version 2.1. With Common Criteria certification, Illumio’s Adaptive Security Platform (ASP) meets the Information Assurance (IA) requirements for U.S. Defense agencies, Allied Defense agencies, and other regulated industries to prevent the spread of breaches inside data center and cloud environments. Furthermore, Defense agencies looking to secure their high-value assets (HVAs) and critical applications can now leverage Illumio’s platform, which allows them to implement a Zero Trust environment. Zero Trust helps address one of the biggest challenges faced in the industry – insider threats.

“Government agencies face a myriad of cyber threats not only from outside actors but also insiders such as contractors and temporary workers who inadvertently put the network at risk. In fact, the issue is of such importance that the Department of Defense recently asked the National Institute of Standards and Technology (NIST) to develop a custom security guidance document for contractors to follow to better protect unclassified and classified materials,” said Don French, Director of Federal Sales, Illumio. “With Common Criteria certification, our Adaptive Security Platform can now be leveraged by agencies to isolate threats and prevent malicious acts from moving laterally across their network to ensure the integrity of their critical data and high-value assets.”

Illumio’s real-time application dependency maps, vulnerability exposure insights, and security micro-segmentation work across any data center and any cloud on bare-metal servers, virtual machines, and containers. The company’s approach to cybersecurity focuses on decoupling security segmentation from the network infrastructure, greatly simplifying the creation, testing, and enforcing of security policy without impacting network performance in any way. With Illumio’s micro-segmentation solution, organizations can assure their most valued assets are protected. The approach is faster, safer, and much less expensive than traditional segmentation approaches.

In December of 2018, the Office of Management and Budget (OMB) released a memorandum outlining a new protocol for the securing of high-value assets (HVAs) for government agencies. Within the memorandum, the OMB—in conjunction with the Department of Homeland Security—cited the following elements:

  • Establishing Enterprise HVA Governance;
  • Improving the Designation of HVAs;
  • Implementing Data-Driven HVA Prioritization;
  • Increasing the Trustworthiness of HVAs;
  • Protecting Privacy and HVAs; and
  • Defining HVA Reporting, Assessment, and Remediation Requirements.

The Common Criteria for Information Technology Security Evaluation—an international framework (ISO/IEC 15408)—defines a common approach for evaluating security features and capabilities of IT security products. A certified product is one that a recognized Certification Body asserts as having been evaluated by a qualified, accredited, and independent evaluation laboratory competent in the field of IT security evaluation to meet the requirements of the Common Criteria and Common Methodology for Information Technology Security Evaluation (CEM).

Leading up to this Common Criteria certification, Illumio announced last year that its ASP achieved compliance with the Federal Information Processing Standard (FIPS) 140-2 Level 1 security standard. To learn more about the Illumio Adaptive Security Platform and how it is helping government agencies protect their data, download the datasheet.

About Illumio

Illumio, a cybersecurity leader delivering segmentation solutions, prevents the spread of breaches inside data center and cloud environments. Enterprises such as Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite use Illumio to reduce cyber risk and achieve regulatory compliance. The Illumio Adaptive Security Platform® uniquely protects critical information with real-time application dependency and vulnerability mapping coupled with segmentation that works across any data center, public cloud, or hybrid cloud deployment on bare-metal, virtual machines, and containers. For more information, visit https://www.illumio.com/company/what-we-do and:

Media and Analyst Contact

Michelle Van Jura

Intersect Communications, for Illumio

[email protected]

C: 310-420-4062

Related news


Illumio and Netskope Announce Zero Trust Partnership to Strengthen Enterprise Resilience Against Cyberattacks

Zero Trust Segmentation combined with Zero Trust Network Access delivers dynamic protection across modern hybrid IT

Illumio Inc

Illumio Joins Microsoft Intelligent Security Association (MISA)

Illumio Inc., a Zero Trust Segmentation company, today announced it has become a member of Microsoft Intelligent Security Association (MISA).


EY Announces Andrew Rubin of Illumio as an Entrepreneur of the Year® 2024 Bay Area Award Finalist

Entrepreneur of the Year celebrates ambitious entrepreneurs who are shaping the future

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?