Illumio’s adaptive segmentation capabilities lets organizations understand and protect their computing assets in minutes, across a range of formats in both data centers and public clouds.
The result? Faster time to segmenting high-value assets from bad actors, all while reducing the complexity and cost of traditional infrastructure approaches.
With a patented, software-only architecture, the Illumio Adaptive Security Platform (ASP)TM provides the new foundation for data center and cloud security by offering a range of segmentation options, including micro-segmentation, and the following highlights:
- Adaptive segmentation that continuously adjusts to changes in the application environment in real time to keep segmentation enforcement intact. Illumio adaptive segmentation includes coarse-grained segmentation, micro-segmentation, nano-segmentation, and user segmentation.
- Coordinated enforcement of adaptive segmentation policy in the workload, network, and through cloud security controls.
- Live visibility of applications, their components, and traffic flows across all environments, including private data centers and public and hybrid clouds.
- Encryption of data in motion with policy-based AES-256 IPsec encryption between a mix of Linux/Windows workloads or Linux/Windows workloads and VPN gateways within and across cloud environments and private data centers.
- No dependency on the underlying infrastructure to support new or existing environments with bare-metal, virtualization, or containers on premises, in the cloud, or across hybrid deployments.
- Auto-discovery and segmentation policy recommendations or the ability for administrators to define declarative, natural language segmentation policies.
- Modeling of policy to understand policy impact to the application environment without breaking application functionality.
Key benefits include:
- Eliminating blind spots inside data centers and the cloud, and regaining control of your application environment.
- Control lateral movement by protecting the 80 percent of data center and cloud traffic that is invisible to perimeter firewalls.
- Immediately detecting unauthorized activity and stopping breaches in their tracks.
- Enabling secure connectivity inside and between cloud environments and private data centers with simple policy-based IPsec encryption.
- Eliminating service delivery delays and deploying applications with security in hours versus days to weeks.
- Decreasing the number of firewall rules inside the data center by over 95 percent.
- Making your investments in security detection solutions more effective through reducing investigations of unauthorized communications.
- A single solution to protect your applications running in bare-metal, virtualized, or containerized environments on premise, in the cloud, or across hybrid cloud deployments.