WHAT IS ZERO TRUST?

“Zero Trust” is all in the name. Instead of assuming internal traffic within the network is trusted and “safe” for permitted access, Zero Trust eliminates automatic access for any source – internal or external. To guide organizations in their Zero Trust journey, Forrester Research developed the Zero Trust eXtended (ZTX) framework, comprised of seven components of an enterprise ecosystem where Zero Trust principles should be applied.

Forrester recently concluded that Zero Trust can reduce an organization’s risk exposure by 37% or more. But it also found that organizations deploying Zero Trust can reduce security costs by 31% and realize millions of dollars in savings in their overall IT security budgets.

Operationalize Your Zero Trust Strategy with Micro-Segmentation

Focusing primarily on perimeter security and firewalls is no longer enough (and maybe never was enough) to prevent breaches. Many organizations are now adopting the Zero Trust security mindset of “never trust, always verify.”

  • Trust nothing inside or outside your perimeter.
  • Verify everything – every user and every device – that tries to connect to your systems and applications.
  • Assume your perimeter has been breached and focus on how to prevent a bad actor from moving laterally inside your environments.

This approach shifts the conversation from detection and prevention to containment and remediation – and as a result, micro-segmentation has become a foundational component for Zero Trust security.

Beyond the Hype: Conversations on Mobilizing Zero Trust – featuring Chase Cunningham, Forrester principal analyst serving security & risk professionals

The Forrester Wave™: Zero Trust eXtended Ecosystem Platform Providers, Q4 2019

Illumio was named a Leader in Forrester Research’s report of security vendors who most closely align to Forrester’s framework for enabling your Zero Trust journey.

Get the detailed analysis, including evaluation of the strategic areas in which Illumio received the highest score:

  • Workload security
  • Visibility and analytics
  • Automation and orchestration
  • Manageability and usability
  • APIs
  • Vision and strategy
  • Advocacy

HOW ILLUMIO ASP ALIGNS WITH THE ZTX FRAMEWORK

Network Security

The Zero Trust eXtended (ZTX) framework helps you understand how a solution enables the principles of network isolation, segmentation, and security. 

Illumio’s capabilities include:

  • Default-deny micro-segmentation
  • Informed, granular policy design and testing
  • Infrastructure-agnostic enforcement
  • Violation alerts

Data Security

The Zero Trust eXtended (ZTX) framework helps you understand how a solution enables data isolation, encryption, and control.

Illumio’s capabilities include:

  • Secure data and application with microperimeters
  • Security follows the data – anywhere
  • Protection for data-in-transit

Workload Security

The Zero Trust eXtended (ZTX) framework helps you understand how a solution secures the applications and workloads you use to operate your business.  

Illumio’s capabilities include:

  • Granular policy control at massive scale
  • Process-level enforcement
  • Security follows the workload – anywhere
  • Simplified deployment

People

The Zero Trust eXtended (ZTX) framework helps you understand how a solution ensures that people only have access to what they’re entitled to in and across your network and business infrastructure. 

Illumio’s capabilities include:

  • User-based segmentation
  • Remote access control
  • Lateral movement prevention

Devices

The Zero Trust eXtended (ZTX) framework helps you understand how a solution secures the devices connected to your network. 

Illumio’s capabilities include:

  • Device-level segmentation
  • Unknown device detection
  • Device quarantine

Visibility and Analytics

The Zero Trust eXtended (ZTX) framework helps you understand how a solution can eliminate the blind spots inside and across high-value systems and infrastructure. 

Illumio’s capabilities include:

  • Live visibility across environments
  • Painless discovery and classification
  • Thorough auditing

Automation and Orchestration

The Zero Trust eXtended (ZTX) framework helps you understand how a solution enables you to automate and orchestrate IT operations and security processes across heterogeneous environments.

Illumio integrates with:

  • Orchestration tools – Chef, Puppet, and Ansible
  • Container platform orchestration – Red Hat OpenShift, Kubernetes, and Docker
  • CMDBs – ServiceNow CMDB and BMC Remedy
  • SIEM and security analytics – Splunk and IBM QRadar
  • Vulnerability management tools – Qualys and Rapid7
  • Public cloud tools – AWS CloudFormation, AWS GuardDuty, Azure and AWS flow logs
  • Open source integrations including AWS or Azure flow logs

In addition, Illumio has demonstrated visibility and segmentation at scale – over 200,000 OS instances.

Manageability and Usability

The Zero Trust eXtended (ZTX) framework helps you understand the importance of ease of use and manageability for achieving Zero Trust.

Illumio’s capabilities include:

  • Fast time to Zero Trust – segment your environments in hours to days.
  • Leverage existing investments, including host firewalls, switches, and load balancers, to enforce segmentation across legacy and hybrid systems.
  • Enable application owners to create and update policies at scale using natural language.
  • Streamlined firewall change management process.
  • Enterprise-level RBAC to ensure segregation of duties across policy owners, provisioners, security ops, compliance, and auditors.
  • Integration with leading security tools to automate and orchestrate security workflows such as incident response, remediation, and vulnerability management.

APIs

The Zero Trust eXtended (ZTX) framework helps you understand how a solution leverages APIs to enable Zero Trust policy creation and enforcement across the enterprise.

Illumio's well-documented REST APIs support integration with a wide set of orchestration tools including:

  • OneOps
  • Chef
  • Puppet
  • Jenkins
  • Docker
  • OpenStack Heat/Murano

Illumio API documentation can be found here.

5 Practical Steps to Enable Zero Trust Security

1. USE A MAP TO IDENTIFY YOUR HIGH-VALUE SYSTEMS, CONNECTIONS, AND DEPENDENCIES (BUT NOT JUST ANY MAP)

Gaining deep visibility into users, devices, applications, and more is a critical first step of Zero Trust. Illumio ASP enables you to identify and visualize high-value systems and critical applications with an interactive, real-time map.

  • Map the connections and flows of sensitive data across networks, workloads, and applications. 
  • Use the insights you gain from application dependency mapping to break down organizational silos and engage business and IT stakeholders and application owners in designing Zero Trust microperimeters. 
2. ARCHITECT AND TEST YOUR ZERO TRUST SECURITY POLICIES

Zero Trust requires coordinating policies governing all of your internal defenses. Illumio ASP allows you to model and test those policies to ensure security and business continuity once it’s enforcement time.  

  • Architect the optimal micro-segmentation strategy for Zero Trust security.
  • Visualize and test policies before enforcement without breaking applications.
  • Select and apply the right level of segmentation across heterogeneous compute environments.
3. ENFORCE ZERO TRUST WITH SEGMENTATION THAT’S DECOUPLED FROM YOUR NETWORK

Effective segmentation is a core capability of Zero Trust. The key to segmenting down to a microperimeter level and maintaining policy consistently across your heterogeneous environments? Illumio decouples segmentation from your network and underlying infrastructure – for a fast, safe, and effective approach to Zero Trust segmentation.

  • Use a whitelisting model to define the authorized connections between workloads and ensure policy implementation is always default-deny. 
  • Ensure security policies always follow the workloads and adapt as the workload environment changes.
  • Secure data in transit without requiring any changes or upgrade to the existing network infrastructure.
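Steps 2 and 3 together amount to writing a label-based allowlist and replaying observed traffic against it before enforcement. The sketch below is an added example, not Illumio code and not its API; the label keys, workload names, rules and flow records are all constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Rule:
    src: dict          # labels the source workload must carry
    dst: dict          # labels the destination workload must carry
    port: int
    proto: str = "tcp"

# Constructed inventory: workload name -> labels (hypothetical label keys).
WORKLOADS = {
    "web-1": {"role": "web", "env": "prod"},
    "app-1": {"role": "app", "env": "prod"},
    "db-1":  {"role": "db",  "env": "prod"},
    "dev-7": {"role": "app", "env": "dev"},
}

# The allowlist. Anything that matches no rule is denied by default.
RULES = [
    Rule({"role": "web", "env": "prod"}, {"role": "app", "env": "prod"}, 8443),
    Rule({"role": "app", "env": "prod"}, {"role": "db", "env": "prod"}, 5432),
]

# Constructed flow observations: (source, destination, port, protocol).
FLOWS = [
    ("web-1", "app-1", 8443, "tcp"),
    ("app-1", "db-1", 5432, "tcp"),
    ("web-1", "db-1", 5432, "tcp"),      # web tier talking straight to the database
    ("dev-7", "db-1", 5432, "tcp"),      # dev workload reaching into prod
    ("app-1", "unknown-9", 443, "tcp"),  # peer missing from the inventory
]

def matches(selector, labels):
    # Every key in the selector must be present with the same value.
    return all(labels.get(k) == v for k, v in selector.items())

def allowed(flow, rules=RULES, inventory=WORKLOADS):
    src, dst, port, proto = flow
    s, d = inventory.get(src), inventory.get(dst)
    if s is None or d is None:
        return False  # unlabelled workloads can never satisfy a rule
    return any(r.port == port and r.proto == proto
               and matches(r.src, s) and matches(r.dst, d)
               for r in rules)

def dry_run(flows, rules=RULES, inventory=WORKLOADS):
    """Return the flows enforcement would drop, without blocking anything."""
    return [f for f in flows if not allowed(f, rules, inventory)]
```

Each flow returned by `dry_run` is either a missing rule to add or unwanted traffic to investigate; enforcement is safe to switch on once the remaining entries are all of the second kind.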
4. USE VULNERABILITY MAPPING FOR A RISK-BASED APPROACH TO PATCHING

Zero Trust is aimed at reducing your organization’s risk exposure. Illumio can help security teams prioritize patching strategies with a vulnerability map that enables you to measure – and mitigate – the risk and exposure of unpatched vulnerabilities.

  • Overlay third-party vulnerability scan data with the application dependency map to visualize and identify an attacker’s potential pathways.
  • Identify highest-risk workloads and applications based on vulnerability and East-West exposure and prioritize patching accordingly.
  • Use micro-segmentation as a compensating control for open vulnerabilities when patching is not possible.
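The overlay described in step 4 can be sketched as a join between scan findings and the connection map. This is an added example, not Illumio's scoring method: the score (severity multiplied by the number of distinct workloads that can reach the vulnerable port) is an assumption made for illustration, and the findings and flows are constructed.

```python
from collections import defaultdict

# Constructed scan findings: (workload, vulnerable port, severity 0-10).
VULNS = [
    ("db-1", 5432, 9.8),
    ("app-1", 8443, 7.5),
    ("web-1", 22, 5.3),
    ("batch-1", 9000, 9.1),
]

# Constructed east-west connections from the dependency map: (src, dst, port).
FLOWS = [
    ("web-1", "app-1", 8443), ("web-2", "app-1", 8443),
    ("app-1", "db-1", 5432), ("report-1", "db-1", 5432),
    ("batch-1", "db-1", 5432), ("jump-1", "web-1", 22),
]

def upstream(flows):
    """Map (destination, port) -> set of workloads that connect to it."""
    peers = defaultdict(set)
    for src, dst, port in flows:
        peers[(dst, port)].add(src)
    return peers

def rank_exposure(vulns, flows):
    """Order findings by severity x east-west reach (assumed scoring)."""
    peers = upstream(flows)
    rows = []
    for workload, port, severity in vulns:
        reach = sorted(peers.get((workload, port), ()))
        rows.append({
            "workload": workload, "port": port, "severity": severity,
            "reachable_from": reach,
            "score": round(severity * len(reach), 1),
        })
    return sorted(rows, key=lambda r: (-r["score"], -r["severity"]))

def restrict(flows, dst, port, allowed_srcs):
    """Model segmentation as a compensating control: keep only the listed
    sources for one destination port and leave other flows untouched."""
    return [f for f in flows
            if not (f[1] == dst and f[2] == port and f[0] not in allowed_srcs)]
```

With this data, `batch-1` ranks last despite its 9.1 severity because nothing connects to its vulnerable port, while limiting `db-1:5432` to `app-1` cuts that finding's score from 29.4 to 9.8 without a patch.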

5. ORCHESTRATE IT OPERATIONS AND SECURITY PROCESSES TO ACCELERATE REMEDIATION AND RECOVERY

Automation and orchestration are key components of Zero Trust. Illumio publishes and maintains a rich set of REST APIs so you can interface with Illumio ASP and orchestrate IT operations, security incident responses, and security operations workflows.

  • Integration with orchestration tools bakes security into the provisioning and remediation process.
  • Quickly identify orphaned and mislabeled workloads to clean up configuration management databases (CMDBs).
  • Integration with security information and event management (SIEM) tools to orchestrate a security incident response.