Adaptive Security Platform

How it works

Stop lateral movement in your data center and cloud environments with the Adaptive Security Platform (ASP). See how applications are communicating, get vulnerability exposure insights, then take control. Create security segmentation policies that work on anything (bare-metal, virtual machines, and containers).

Architecture overview


Adaptive Security Platform

Illumio ASP is uniquely designed to enable you to use the enforcement points that already exist in your infrastructure to improve your data center and cloud security. No additional hardware or re-architecting your network.

Learn more

Virtual Enforcement Node (VEN)

Not just any lightweight agent – acting more like an antenna than an agent, the VEN is a core component of Illumio ASP. It sends and receives information, programs pre-existing enforcement points, and detects policy violations.

Learn more

Policy Compute Engine (PCE)

The "brain" of Illumio ASP. The PCE builds a live map using the information shared from the VEN showing how applications are communicating and creates optimal security policies based on those insights.

Learn more




A real-time application dependency map that shows you how apps are communicating.

Learn More

Policy Generator

Create optimal segmentation policies in minutes.

Learn More


Search and analyze historical records of traffic between workloads.

Learn More

Secure Connect

Protect data in transit and execute workload-to-workload encryption.

Learn More

Vulnerability Maps

See which applications are connecting to vulnerable ports in real time.

Learn More

Segmentation Templates

Instantly secure critical off-the-shelf applications with tried-and-tested templates.

Learn More