User Segmentation

CHALLENGE

Users on a network can attempt to connect to any internal application, regardless of whether they are credentialed to access them. This means unauthorized users can gain access to sensitive data and applications with stolen credentials, weak passwords, or through force by exploiting an application vulnerability. Network Access Control (NAC) solutions aim to prevent unauthorized access by lumping groups of users into VLANs and firewall zones, but heavy reliance on the physical network makes these solutions hard to deploy and difficult to maintain.

SOLUTION

Illumio ASP allows you to define policy with user profile information from Microsoft Active Directory (AD) for micro-segmentation. With user segmentation policy, Illumio ASP dynamically enforces connectivity to applications so users can only use the applications they’re authorized to access, minimizing risk across the environment.

MASK APPLICATIONS FROM UNAUTHORIZED USERS

Illumio ASP dynamically enforces visibility to applications based on user identities to ensure that users can only see the applications they’re authorized to access.

  • Prevent users from connecting to unauthorized applications to increase protection.
  • Reduce potential for misuse or breach by completely removing visibility of unauthorized applications.

IMPROVE SECURITY WITH EXISTING INFRASTRUCTURE

Illumio ASP enforces user segmentation by leveraging existing user profile information and with no additional infrastructure changes.

  • Leverage profile and access details based on user profile in Microsoft Active Directory.
  • Enforce highly granular connectivity policies without changes to the network or reliance on underlying infrastructure.

Examples

  • Insurance companies that want to control contractor activity and protect data
  • Manufacturing companies that want to lock down VDI users to comply with government contracts
Building a Smart Segmentation Strategy Guide

How-To Guide

BUILDING A SMART SEGMENTATION STRATEGY

Use this guide to create a rock-solid micro-segmentation strategy in only five steps.

Get the guide »