SecureConnect enables instant host-to-host traffic encryption between workloads by leveraging built-in host-based encryption capabilities. The Policy Compute Engine (PCE) centrally manages all traffic encryption for workloads so that it can be policy driven. SecureConnect reduces the complexity of configuring IPsec encryption and auto-scales per your organization’s policy definitions.
The Adaptive Security Platform® (ASP) uses the most secure encryption supported natively by the operating system. Both pre-shared key and certificate-based IPsec are supported.
Examples of SecureConnect’s most common use cases include:
All of the workloads in your data center and public cloud have native IPsec capabilities—the difficulty is in configuring them. Illumio ASP allows you to choose how to encrypt traffic and then provisions and manages each host’s configuration to ensure successful IPsec. What’s more, Illumio ASP does not use proprietary encryption; it uses what is already in the operating system.
SecureConnect enables you to establish secure connectivity for paired workloads within and across private data centers, public cloud, and hybrid cloud environments. It encrypts data in motion between Windows and Linux workloads and even supports tunnel mode, which allows Illumio ASP to terminate IPsec in existing VPN appliances.
SecureConnect eliminates traffic steering through chokepoints and performance hits to throughput and prevents high-availability performance issues for mission critical operations. You also avoid the need for dedicated site-to-site VPN configurations and complicated key management.