Illumio Achieves Federal Common Criteria Certification for Enterprise Security Management

First Security Segmentation Solution Certified for US Defense Agencies

SUNNYVALE, Calif. – Aug. 27, 2019 – Illumio, a cybersecurity leader delivering micro-segmentation, today announced that it has completed the rigorous and comprehensive security testing and evaluation for Common Criteria certification. Illumio’s solution is now the first segmentation solution to be certified for the National Information Assurance Partnership (NIAP) Protection Profile for Enterprise Security Management version 2.1. With Common Criteria certification, Illumio’s Adaptive Security Platform (ASP) meets the Information Assurance (IA) requirements for U.S. Defense agencies, Allied Defense agencies, and other regulated industries to prevent the spread of breaches inside data center and cloud environments. Furthermore, Defense agencies looking to secure their high-value assets (HVAs) and critical applications can now leverage Illumio’s platform, which allows them to implement a Zero Trust environment. Zero Trust helps address one of the biggest challenges faced in the industry – insider threats.

“Government agencies face a myriad of cyber threats not only from outside actors but also insiders such as contractors and temporary workers who inadvertently put the network at risk. In fact, the issue is of such importance that the Department of Defense recently asked the National Institute of Standards and Technology (NIST) to develop a custom security guidance document for contractors to follow to better protect unclassified and classified materials,” said Don French, Director of Federal Sales, Illumio. “With Common Criteria certification, our Adaptive Security Platform can now be leveraged by agencies to isolate threats and prevent malicious acts from moving laterally across their network to ensure the integrity of their critical data and high-value assets.”

Illumio’s real-time application dependency maps, vulnerability exposure insights, and security micro-segmentation work across any data center and any cloud on bare-metal servers, virtual machines, and containers. The company’s approach to cybersecurity focuses on decoupling security segmentation from the network infrastructure, greatly simplifying the creation, testing, and enforcing of security policy without impacting network performance in any way. With Illumio’s micro-segmentation solution, organizations can assure their most valued assets are protected. The approach is faster, safer, and much less expensive than traditional segmentation approaches.

In December of 2018, the Office of Management and Budget (OMB) released a memorandum outlining a new protocol for the securing of high-value assets (HVAs) for government agencies. Within the memorandum, the OMB—in conjunction with the Department of Homeland Security—cited the following elements:

  • Establishing Enterprise HVA Governance;
  • Improving the Designation of HVAs;
  • Implementing Data-Driven HVA Prioritization;
  • Increasing the Trustworthiness of HVAs;
  • Protecting Privacy and HVAs; and
  • Defining HVA Reporting, Assessment, and Remediation Requirements.

The Common Criteria for Information Technology Security Evaluation—an international framework (ISO/IEC 15408)—defines a common approach for evaluating security features and capabilities of IT security products. A certified product is one that a recognized Certification Body asserts as having been evaluated by a qualified, accredited, and independent evaluation laboratory competent in the field of IT security evaluation to meet the requirements of the Common Criteria and Common Methodology for Information Technology Security Evaluation (CEM).

Leading up to this Common Criteria certification, Illumio announced last year that its ASP achieved compliance with the Federal Information Processing Standard (FIPS) 140-2 Level 1 security standard. To learn more about the Illumio Adaptive Security Platform and how it is helping government agencies protect their data, download the datasheet.

About Illumio

Illumio, a cybersecurity leader delivering segmentation solutions, prevents the spread of breaches inside data center and cloud environments. Enterprises such as Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite use Illumio to reduce cyber risk and achieve regulatory compliance. The Illumio Adaptive Security Platform® uniquely protects critical information with real-time application dependency and vulnerability mapping coupled with segmentation that works across any data center, public cloud, or hybrid cloud deployment on bare-metal, virtual machines, and containers. For more information, visit www.illumio.com/what-we-do and:

Media and Analyst Contact

Michelle Van Jura

Intersect Communications, for Illumio

[email protected]

C: 310-420-4062

Related news


Illumio Announces Incident Response Partner Program and New Product Features to Fight Ransomware

Illumio Zero Trust Segmentation Dashboards Make it Easy to Improve Ransomware Resilience as Proven Incident Response Partner Program Empowers DFIR Providers with ZTS


Illumio Launches Zero Trust Segmentation ROI Calculator to Help Organizations Maximize Cyber Investment

Illumio ZTS platform delivered 111 percent return on investment and 66 percent reduction in blast radius


Illumio Names Gautam Mehandru as Chief Marketing Officer

Promotion to CMO follows Illumio’s record fiscal year and record Q4 performance fueled by impactful marketing initiatives

Assume Breach.
Minimize Impact.
Increase Resilience.

Ready to learn more about Zero Trust Segmentation?