Application Micro-segmentation

CHALLENGE

Organizations must protect high value applications that deliver critical services, contain sensitive data (e.g., PII), or are regulated by compliance mandates (e.g., PCI, HIPAA, SOX, etc.). Using solutions that are bound by network constructs (e.g., VLANs, subnets, and zones) and IP-based rules are cumbersome, error-prone, and lack the needed granularity to meet security requirements to stop malicious activity and lateral movement.

SOLUTION

The Illumio Adaptive Security Platform (ASP)™ secures your most valuable applications and data in minutes versus days or weeks–within or across any data center or public cloud–with adaptive segmentation.

PROTECT HIGH-VALUE APPLICATIONS WHILE REDUCING COMPLEXITY

Control sensitive east-west communications between applications, or application tiers, running on bare-metal, hypervisors or containerized workloads, within or across private data center, public cloud and hybrid cloud – all while reducing firewall rules and network complexity by over 90 percent.

  • Gain live visualization of application traffic flows in real time for easy adaptive segmentation policy creation and troubleshooting.
  • Create optimal segmentation policies in minutes with Policy Generator's automated policy recommendations to save critical time, accelerate security workflows, and reduce the risk of human errors.
  • Enforce policy with micro-segmentation down to individual workloads or with nano-segmentation down to the process level without the need for expensive internal firewalls or the need to reconfigure networks (VLANs, subnets, zones, etc.), hypervisors, or applications.
  • Ensure current and consistent protection with policy that adapts automatically to changes in the application environment, such as the addition of new capacity or movement of workloads.

MEET COMPLIANCE REQUIREMENTS IN Minutes

Meet compliance requirements (PCI, HIPAA, SOX) in minutes instead of the weeks to months it takes with traditional perimeter and network-based security solutions.

  • Get live visualization of application traffic in regulated environments to better understand workload dependencies, evaluate security posture, and correct policy violations.
  • Detail how critical environments and applications (e.g., PCI, SWIFT) are segmented with Illumination Explorer granular real-time and historical views.
  • Ensure segmentation and compliance requirements remain in sync with security that adapts automatically as the application environment changes.
  • Secure data in motion for private data center, cloud and hybrid cloud environments with policy-based AES-256 IPsec encryption between any mix of Linux and Windows workloads or Linux and Windows workloads and VPN gateways.

Examples

  • Retail customers segmenting PCI environments to protect critical data and meet compliance requirements

  • Banks protecting critical application environments to meet SWIFT and other financial industry regulations

Building a Smart Segmentation Strategy Guide

How-To Guide

BUILDING A SMART SEGMENTATION STRATEGY

Use this guide to create a rock-solid micro-segmentation strategy in only five steps.

Get the guide »