Users on a network can attempt to connect to any internal application, regardless of whether they are credentialed to access them. This means unauthorized users can gain access to sensitive data and applications with stolen credentials, weak passwords, or through force by exploiting an application vulnerability. Network Access Control (NAC) solutions aim to prevent unauthorized access by lumping groups of users into VLANs and firewall zones, but heavy reliance on the physical network makes these solutions hard to deploy and difficult to maintain.
Illumio ASP allows you to define policy with user profile information from Microsoft Active Directory (AD) for micro-segmentation. With user segmentation policy, Illumio ASP dynamically enforces connectivity to applications so users can only use the applications they’re authorized to access, minimizing risk across the environment.
Illumio ASP dynamically enforces visibility to applications based on user identities to ensure that users can only see the applications they’re authorized to access.
Illumio ASP enforces user segmentation by leveraging existing user profile information and with no additional infrastructure changes.