SecureConnect
SecureConnect enables you to protect data in motion and execute workload-to-workload encryption via the built-in encryption capabilities of the workloads’ operating systems.
Many compliance regimes and risk frameworks compel organizations to encrypt data in motion. For data moving between data centers, you can deploy dedicated security appliances, such as VPN concentrators, to implement IPsec-based communication across open untrusted networks. However, encrypting data in motion within a public cloud, or between the data center and public cloud, is not straightforward. Deploying dedicated security appliances to protect workloads will not scale in those scenarios, especially across public clouds. Managing IPsec connections becomes more complex as the number of hosts increases.
SecureConnect enables instant host-to-host traffic encryption between workloads by leveraging built-in host-based encryption capabilities. The Policy Compute Engine (PCE) centrally manages all traffic encryption for workloads so that it can be policy driven. SecureConnect reduces the complexity of configuring IPsec encryption and auto-scales per your organization’s policy definitions.
Illumio Core uses the most secure encryption supported natively by the operating system. Both pre-shared key and certificate-based IPsec are supported.
Examples of SecureConnect’s most common use cases include:
- Encrypting confidential data in motion for PCI compliance.
- Off-site backup and recovery of data across geographically distributed data centers.
- Compliance requirements to secure communications across applications and application tiers.
- Secure data migration across public cloud providers.
Benefits
Take control of host-based native encryption libraries
All of the workloads in your data center and public cloud have native IPsec capabilities—the difficulty is in configuring them. Illumio Core allows you to choose how to encrypt traffic and then provisions and manages each host’s configuration to ensure successful IPsec. What’s more, Illumio Core does not use proprietary encryption; it uses what is already in the operating system.
Enable encryption of data in motion across heterogeneous environments
SecureConnect enables you to establish secure connectivity for paired workloads within and across private data centers, public cloud, and hybrid cloud environments. It encrypts data in motion between Windows and Linux workloads and even supports tunnel mode, which allows Illumio Core to terminate IPsec in existing VPN appliances.
Eliminate complexity in VPN architectures
SecureConnect eliminates traffic steering through chokepoints, eliminates performance hits to throughput, and prevents high-availability performance issues for mission-critical operations. You also avoid the need for dedicated site-to-site VPN configurations and complicated key management.