Segmentation Templates are pre-tested and validated policies that provide all the segmentation rules needed for common enterprise applications, including the following:
Segmentation Templates eliminate the need to build your own policies—instead, you can use tried-and-tested policies for well-known existing applications.
Illumio has leveraged best practices from the Microsoft Developer Network to understand the services and processes that enterprise Microsoft Windows applications use to communicate. Our resident Microsoft Certified Professional team took those best practices to create Segmentation Templates that allow you to protect critical applications such as Active Directory.
When you install a Segmentation Template, the Policy Compute Engine (PCE) web console automatically adds the necessary policy objects, such as Services, Rulesets, and Labels, to allow the communication required for that application. Security and application owners are able to prevent security gaps, especially as the environment changes and policies can be quickly deployed in minutes.
Microsoft environments must accommodate a range of dynamically used ports for remote procedure call (RPC), and networking-based solutions often leave open an entire range of ports, effectively creating a gaping security hole. The PCE is process and service aware. Using Segmentation Templates in your Microsoft environment will create and program process-level micro-segmentation rules so that only specific paths and processes will be used by the server instead of dynamic ports.