Stop the Lateral Spread of Cyberattacks
Zero Trust Segmentation for Improved Cybersecurity
Relying on perimeter security alone won’t protect federal agencies and commands from cyberattacks, including ransomware. Federal organizations and commands need to shift to a Zero Trust security strategy with micro-segmentation of East-West traffic as the foundation.
Zero Trust micro-segmentation with Illumio helps agencies and commands build a scalable Zero Trust architecture, support remote work, comply with cyber resilience standards, and enable defensive cyberspace operations (DCO). Governmental organizations can accelerate their time to Zero Trust enforcement with minimum disruption and risks to their digital infrastructure.
Gain intelligent real-time visibility into your application environment
Illumio’s application dependency map, Illumination, helps you:
- Gain unified and intelligent visibility of your users, endpoints and workloads across your data center, hybrid cloud and multi-cloud environments.
- Use robust RESTful API partner integrations to achieve continuous evaluation and validation of requests to connect (from users, devices, workloads and containers) at every transaction.
- Accurately identify the scope of security mandates for federal standards like OMB M-17-09, CISA BOD 18002, FISMA, DHS CDM (Continuous Diagnostics and Mitigation), NIST CSF (Cybersecurity Framework)/NIST 800-53, CMMC/NIST 800-171, and NIST 800-207.
- Design and test Zero Trust microperimeters across your on-premises data center, multi-cloud, hybrid cloud, containers and endpoints without breaking applications.
Reduce your dynamic attack surface
Host-based micro-segmentation reduces your attack surface and gives you granular control to:
- Work with existing networking and security systems to apply the right level of least-privilege granularity.
- Obstruct lateral movement attacks and contain the spread of ransomware.
- Enable firewall change management to keep up with remote work, IT Ops, DevOps and security operations.
- Continuously maintain your segmentation posture and enhance security operations.
- Deliver Zero Trust “at the birth” of new workloads and containers.
Implement Zero Trust faster
Illumio helps you program the native firewalls in each host to:
- Decouple segmentation policy management from the network layer to avoid expensive infrastructure “rip-and-replace" upgrades.
- Automate enforcement of security policies from a small number of workloads to workloads spanning an entire organization.
- Support micro-segmentation that scales across heterogenous systems, virtual machines and containers.
- Seamlessly integrate and co-exist with SDN, hardware firewalls, load balancers, routers and network access controls (NACs).
- Avoid risks, costs and complexities from re-architecting the network and deploying more firewalls.
- Take advantage of integrations with hardware firewalls and endpoint protection tools to align Zero Trust policies across your security technologies.
Meets federal certification and reporting requirements
Illumio complies with federal cybersecurity, data protection, cyber-resiliency and cloud transformation initiatives. Illumio is the first enterprise segmentation vendor that is certified against the National Information Assurance Partnership (NIAP) Common Criteria Protection Profile for Enterprise Security Management, Policy Management v2.1.
Illumio certifications include:
- NIAP Common Criteria Protection Profile: Enterprise Security Management
- DHS Continuous Diagnostics and Mitigation (CDM) Approved Products List for Micro-Segmentation
- FIPS 140-2
U.S. Air Combat Command’s Zero Trust Strategy
“Zero Trust Architecture (ZTA) is the future of cybersecurity within the Air Force…I’m passionate that Zero Trust networks are the key for how we achieve cyber space superiority in the 21st century against the nation states and the cyber hacktivists…Zero Trust is about a strategy.”
Lt. General Chris Weggeman, Ret., Former Deputy Commander, U.S. Air Combat Command (ACC)
Accelerating DISA’s Zero Trust Adoption
"The move to maximum tele-work has also accelerated a cybersecurity paradigm shift that we will outline in our upcoming Zero Trust reference architecture...We are moving towards more micro-segmentation in this cybersecurity model with Zero Trust."
Vice Admiral Nancy A. Norton, Ret., Former Director, U.S. Defense Information Systems Agency (DISA)
Illumio Wins SBIR Phase II Award to Accelerate U.S. Department of the Air Force Adoption of Zero Trust Strategy
Illumio App for Splunk: Enabling Security Operations and Zero Trust in Federal Agencies
- Lt. General Chris Weggeman, "ACC Looks to Zero Trust Architecture for Network Security," by Haley Brown, Air Combat Command Public Affairs, Air Combat Command, February 25, 2020 (accessed 28 January 2021).
- Vice Adm. Nancy A. Norton, "Telework Accelerates DISA’s Zero-Trust Adoption," MilitarySpot, December 2, 2020 (accessed 28 January 2021).
"Illumio has proven to be an invaluable tool in monitoring and identifying traffic flows within our network. The interface is clean and mostly easy to use (and constantly being improved and fine tuned)."
– Security Infrastructure Analyst, Government