Illumio ASP is a distributed software platform designed to continuously protect communications within and across tiers of applications, wherever they are running. It creates secure and granular segmentation to compartmentalize workloads and applications, reducing the attack surface exposed to cyber vulnerabilities.
Illumio ASP is decoupled from the infrastructure. It supports all modern server computing formats (Windows/Linux, virtual machines, containers) and all computing environments (data center, private and public cloud). View Data Sheet »
The Policy Compute Engine (PCE) is the central brain of the Illumio ASP. It constantly computes the optimal security policy and enforcement for the workloads and applications under management. The PCE:
The Virtual Enforcement Node (VEN) is a lightweight software agent that is installed in the operating system of any server, VM, or container. It collects telemetry (network flows, workload information) and programs the native stateful firewall in the host (iptables in Linux, Windows Filtering Platform). The VEN:
Illumio’s declarative policy model allows IT and security teams to describe in natural language how applications are segmented from an operational perspective.
Accelerate the deployment of security and reduce risk caused by errors with ready-to-deploy templates and integration with existing tools and workflows.
Illumio ASP extends adaptive security to more enforcement points, using what you already have—including F5 BIG-IP Local Traffic Manager (LTM). The integration with F5 BIG-IP LTM enables dynamic programming of ACLs on the F5 BIG-IP based on application changes (e.g., scale out). You get greater value from your IT investments and achieve application segmentation across your F5 BIG-IP LTMs.