SecureConnect enables you to protect data in motion and execute workload-to-workload encryption via the built-in encryption capabilities of the workloads’ operating systems.

icon_secureconnect_white_circle

Many compliance regimens and risk frameworks compel organizations to encrypt data in motion. For data moving between data centers, you can deploy dedicated security appliances, such as VPN concentrators, to implement IPsec-based communication across open untrusted networks. However, encrypting data in motion within a public cloud, or between the data center and public cloud, is not straightforward. Deploying dedicated security appliances to protect workloads will not scale in those scenarios, especially across public clouds. Managing IPsec connections becomes more complex as the number of host increases.

SecureConnect enables instant host-to-host traffic encryption between workloads by leveraging built-in host-based encryption capabilities. The Policy Compute Engine (PCE) centrally manages all traffic encryption for workloads so that it can be policy driven. SecureConnect reduces the complexity of configuring IPsec encryption and auto-scales per your organization’s policy definitions.

The Adaptive Security Platform® (ASP) uses the most secure encryption supported natively by the operating system. Both pre-shared key and certificate-based IPsec are supported.

 

Examples of SecureConnect’s most common use cases include:

  • Encrypting confidential data in motion for PCI compliance.
  • Off-site backup and recovery of data across geographically distributed data centers.
  • Compliance requirements to secure communications across applications and application tiers.
  • Secure data migration across public cloud providers.

SecureConnect

 

Benefits

TAKE CONTROL OF HOST-BASED NATIVE ENCRYPTION LIBRARIES

All of the workloads in your data center and public cloud have native IPsec capabilities—the difficulty is in configuring them. Illumio ASP allows you to choose how to encrypt traffic and then provisions and manages each host’s configuration to ensure successful IPsec. What’s more, Illumio ASP does not use proprietary encryption; it uses what is already in the operating system.


ENABLE ENCRYPTION OF DATA IN MOTION ACROSS HETEROGENEOUS ENVIRONMENTS

SecureConnect enables you to establish secure connectivity for paired workloads within and across private data centers, public cloud, and hybrid cloud environments. It encrypts data in motion between Windows and Linux workloads and even supports tunnel mode, which allows Illumio ASP to terminate IPsec in existing VPN appliances.


ELIMINATE COMPLEXITY IN VPN ARCHITECTURES

SecureConnect eliminates traffic steering through chokepoints and performance hits to throughput and prevents high-availability performance issues for mission critical operations. You also avoid the need for dedicated site-to-site VPN configurations and complicated key management.