
Illumio Sentinel Solution

Enhance security operations in Microsoft Sentinel with Zero Trust Segmentation

Strengthen cyber resilience and compliance with better visibility and protection

  • Illumio CloudSecure for Azure

    Learn how Azure customers can secure applications and workloads across multiple clouds with Illumio CloudSecure.

  • Illumio for Azure Firewall

    Protect your Azure deployment or accelerate your move to the cloud with enhanced visibility and Zero Trust security policies.

  • Copilot for Security

    Illumio is a proud participant in the Microsoft Copilot for Security Partner Private Preview, leveraging the power of generative AI for cybersecurity.

  • Illumio Sentinel Solution

    Enhance your security operations in Microsoft Sentinel with greater visibility into workloads and improved context.

  • Faster response to incidents

    Correlate Illumio traffic flow logs from workloads with other security event data, giving security teams deeper insights and a quicker response.

  • Greater visibility into workloads

    Prioritize efforts with data on tampering events, auditable events, port scan events, blocked traffic, and the most trafficked workloads and services.

  • Enhanced SecOps efficiency

    View auditable events and traffic flow logs as readable, usable data directly in Sentinel, centralizing security monitoring.

  • Featured AWS partner

    The 2023 Cloud Security Trends ebook from SANS and AWS features Illumio as a “highly capable” solution for Zero Trust and cloud security.

  • Illumio and AWS podcast

    Hear Illumio and AWS leaders discuss Zero Trust’s role in cybersecurity, securing your cloud migration, evolving threats in the cloud, and more.

  • Illumio and AWS GuardDuty

    Discover how the combined capabilities of AWS GuardDuty and Illumio ZTS remediate malicious anomalous traffic and enhance resilience.

  • Illumio and AWS Webinar

    Watch Illumio and AWS leaders discuss how healthcare organizations, a prime target for ransomware, can modernize their cybersecurity.

Illumio Sentinel Solution is available now

The power of Illumio available in Sentinel workbooks

Security administrators can import Illumio log data into Sentinel to create security queries on Illumio flow logs and audit events, view analytics in out-of-the-box dashboards (workbooks), and receive alerts on security events.

  • Workload Stats Workbook
    • Workload operations and investigations by VEN version, type, status and synchronization state
    • Managed and unmanaged workload counts
    • Workload counts by OS and enforcement state
  • Auditable Events Workbook
    • Counts of audit events, tampering events, and port scan events
    • Change monitoring including workloads affected by policy changes, changes by resource type and user
    • Data on all authentication events, filtered by severity and status
  • Flow Data Workbook
    • Workloads which are seeing the most traffic (inbound/outbound)
    • Services (port/protocol) that are most active
    • System traffic flow levels during time intervals (allowed, blocked, potentially blocked, unknown)
