Illumio Sentinel Solution
Enhance security operations in Microsoft Sentinel with Zero Trust Segmentation
Strengthen cyber resilience and compliance with better visibility and protection
Illumio CloudSecure for Azure
Learn how Azure customers can secure applications and workloads across multiple clouds with Illumio CloudSecure.
Illumio for Azure Firewall
Protect your Azure deployment or accelerate your move to the cloud with enhanced visibility and Zero Trust security policies.
Copilot for Security
Illumio is a proud participant in the Microsoft Copilot for Security Partner Private Preview, leveraging the power of generative AI for cybersecurity.
Illumio Sentinel Solution
Enhance your security operations in Microsoft Sentinel with greater visibility into workloads and improved context.
Faster response to incidents
Correlate Illumio traffic flow logs from workloads with other security event data, providing security teams with deeper insights and quicker response
Greater visibility into workloads
Prioritize efforts with data on tampering events, auditable events, ports scan events, blocked traffic and most trafficked workloads and services
Enhanced SecOps efficiency
View auditable events and traffic flow logs as readable, usable data directly in Sentinel, centralizing security monitoring
Featured AWS partner
The 2023 Cloud Security Trends ebook from SANS and AWS features Illumio as a “highly capable” solution for Zero Trust and cloud security.
Illumio and AWS podcast
Hear Illumio and AWS leaders discuss Zero Trust’s role in cybersecurity, securing your cloud migration, evolving threats in the cloud, and more.
Illumio and AWS GuardDuty
Discover how the combined capabilities of AWS GuardDuty and Illumio ZTS remediate malicious anomalous traffic and enhance resilience.
Illumio and AWS Webinar
Watch Illumio and AWS leaders discuss how healthcare organizations, a prime target for ransomware, can modernize their cybersecurity.
Illumio Sentinel Solution is available now
The power of Illumio available in Sentinel workbooks
Security administrators can import Illumio log data into Sentinel in order to create security queries on Illumio flow log and audits,
view analytics in out-of-the box dashboards (workbooks) and receive alerts on security events.
Workload Stats Workbook
- Workload operations and investigations by VEN version, type, status and synchronization state
- Managed and unmanaged workload counts
- Workload counts by OS and enforcement state
Auditable Events Workbook
- Counts of audit events, tampering events, and port scan events
- Change monitoring including workloads affected by policy changes, changes by resource type and user
- Data on all authentication events, filtered by severity and status
Workload Stats Workbook
- Workload operations and investigations by VEN version, type, status and synchronization state
- Managed and unmanaged workload counts
- Workload counts by OS and enforcement state
Auditable Events Workbook
- Counts of audit events, tampering events, and port scan events
- Change monitoring including workloads affected by policy changes, changes by resource type and user
- Data on all authentication events, filtered by severity and status
Flow Data Workbook
- Workloads which are seeing the most traffic (inbound/outbound)
- Services (port/protocol) that are most active
- System traffic flow levels during time intervals (allowed, blocked, potentially blocked, unknown)
Workload Stats Workbook
- Workload operations and investigations by VEN version, type, status and synchronization state
- Managed and unmanaged workload counts
- Workload counts by OS and enforcement state
Auditable Events Workbook
- Counts of audit events, tampering events, and port scan events
- Change monitoring including workloads affected by policy changes, changes by resource type and user
- Data on all authentication events, filtered by severity and status
Flow Data Workbook
- Workloads which are seeing the most traffic (inbound/outbound)
- Services (port/protocol) that are most active
- System traffic flow levels during time intervals (allowed, blocked, potentially blocked, unknown)
Workload Stats Workbook
- Workload operations and investigations by VEN version, type, status and synchronization state
- Managed and unmanaged workload counts
- Workload counts by OS and enforcement state
Auditable Events Workbook
- Counts of audit events, tampering events, and port scan events
- Change monitoring including workloads affected by policy changes, changes by resource type and user
- Data on all authentication events, filtered by severity and status
Workload Stats Workbook
- Workload operations and investigations by VEN version, type, status and synchronization state
- Managed and unmanaged workload counts
- Workload counts by OS and enforcement state
Auditable Events Workbook
- Counts of audit events, tampering events, and port scan events
- Change monitoring including workloads affected by policy changes, changes by resource type and user
- Data on all authentication events, filtered by severity and status
Flow Data Workbook
- Workloads which are seeing the most traffic (inbound/outbound)
- Services (port/protocol) that are most active
- System traffic flow levels during time intervals (allowed, blocked, potentially blocked, unknown)
Workload Stats Workbook
- Workload operations and investigations by VEN version, type, status and synchronization state
- Managed and unmanaged workload counts
- Workload counts by OS and enforcement state
Auditable Events Workbook
- Counts of audit events, tampering events, and port scan events
- Change monitoring including workloads affected by policy changes, changes by resource type and user
- Data on all authentication events, filtered by severity and status
Flow Data Workbook
- Workloads which are seeing the most traffic (inbound/outbound)
- Services (port/protocol) that are most active
- System traffic flow levels during time intervals (allowed, blocked, potentially blocked, unknown)