Users on a network may attempt to connect to any internal application, potentially breaching data center workloads that contain sensitive data using stolen credentials or brute force past weak passwords or by exploiting a vulnerability. Combating unauthorized access using traditional Network Access Control (NAC) solutions provides static, coarse-grained segmentation that relies on the physical network through VLANs and firewall zones.
The Illumio Adaptive Security Platform® (ASP) controls visibility to applications through existing group memberships in Microsoft Active Directory. Policies are enforced based solely on the user’s identity and group memberships with no additional infrastructure changes; two users in the same VLAN can have different policies and will only be able to connect to the applications they’re authorized to access.
Private contractors can't connect to what they can't see—even by obtaining stolen credentials or through seeking to exploit weak passwords.
Seamlessly leverage access details based on your existing profile configuration in Microsoft Active Directory, without the need to deploy or maintain a physical network-based solution.
Maintain a consistent policy with high granularity and without separately configuring applications, changing the network, or relying on underlying infrastructure.