Illumio Edge Architecture Overview


Illumio Edge delivers visibility and segmentation
to stop lateral movement between endpoints.



With easy cloud-based deployment and a lightweight agent that follows the user, Illumio Edge makes use of existing host firewalls to enforce security on endpoints.


This all starts with a different approach to segmentation – at an architectural level. Illumio Edge is not tied to your network. This foundation eliminates the limitations and challenges of network-based segmentation.

Illumio Edge Architecture

Architecture_Overview_Diagram_30JUNE2020_Background-01_0.png

Core Components

Virtual Enforcement Node

Illumio Edge’s Virtual Enforcement Node (VEN) is a lightweight agent that runs on your organization’s end-user laptops. But it’s not your average agent. It uses virtually no CPU, won’t bring down network performance, and has proven its resiliency in the data center.

The VEN is completely invisible to the user but gives you visibility of every flow in and out of their machines. It collects that context and telemetry and sends it to the Policy Compute Engine.

CrowdStrike customers will be able to use the Falcon agent with Illumio Edge as of July 2020. Read more about it here.

Cloud-Delivered Policy Compute Engine

Illumio Edge's Policy Compute Engine (PCE) uses endpoint visibility and telemetry as the basis for building the perfect allowlist policy. Once created, the PCE sends these policies back to the endpoint VEN that programs the Windows-based firewall with the right policy. The policy only allows specific, allowlisted inbound connections, dramatically reducing the risk of malware and ransomware spreading from machine to machine.

As a cloud offering, the PCE is hosted and managed by Illumio, with its intelligence and policy orchestration occurring in the cloud. This means there’s no management or operational expenses for your team.

Core Capabilities

edge-architecture-overview-check-mark

Cloud-delivered

edge-architecture-overview-check-mark

Distributed enforcement for massive scale with no performance impact

edge-architecture-overview-check-mark

Lightweight agent lets security follow the user

edge-architecture-overview-check-mark

Automated Zero Trust policy

edge-architecture-overview-check-mark

Off-network protection

edge-architecture-overview-check-mark

Network agnostic – zero configuration
to existing network

edge-architecture-overview-check-mark

Complementary to EDR and endpoint security solutions, including CrowdStrike agent integration

edge-architecture-overview-check-mark

Endpoint-to-endpoint visibility

edge-architecture-overview-check-mark

Uses native OS firewall

edge-architecture-overview-check-mark

No host OS overhead

Illumio Edge Features

Find out more about how it works.

architecture-overview-ipad

Resources

Product Datasheet

Illumio Edge: Endpoint Zero Trust

Download datasheet

Video

Achieving Effective Zero Trust for the New World

Watch video

Research report

Security Risks 2021: Ransomware and the Return to the Office

Read report

Try Illumio Edge

The browser you are using doesn't support our submission form. Please consider an alternative browser or disabling the private browsing feature.

A phone call works too: 1-855-426-3983

Swag Request

The browser you are using doesn't support our submission form. Please consider an alternative browser or disabling the private browsing feature.

A phone call works too: 1-855-426-3983

Try Illumio Core

The browser you are using doesn't support our submission form. Please consider an alternative browser or disabling the private browsing feature.

A phone call works too: 1-855-426-3983