Stop the Lateral Spread of Malware
End-to-End Zero Trust for Mission Completion
The network security perimeter has been replaced by a focus on users, applications, and workloads. Federal agencies and commands must shift to a Zero Trust security strategy focused on micro-segmentation of East-West traffic to achieve mission success as part of a layered cyber defense.
Illumio’s approach to end-to-end Zero Trust through host-based micro-segmentation allows agencies and commands to support remote work operations, comply with cyber resilience standards, and enable defensive cyberspace operations (DCO).
Meet federal certification and reporting requirements
Illumio is the first enterprise segmentation vendor that is certified against the National Information Assurance Partnership (NIAP) Common Criteria Protection Profile for Enterprise Security Management, Policy Management v2.1.
Illumio certifications include:
- NIAP Common Criteria Protection Profile: Enterprise Security Management
- DHS Continuous Diagnostics and Mitigation (CDM) Approved Products List under Phase 4 for Micro-Segmentation
- FIPS 140-2
Gain real-time visibility into your application environment
Illumio’s application dependency map, Illumination, enables you to:
- Accurately identify the scope of security mandates for federal standards like OMB M-17-09, CISA BOD 18002, FISMA, DHS CDM (Continuous Diagnostics and Mitigation), NIST CSF (Cybersecurity Framework)/NIST 800-53, and CMMC/NIST 800-171, and NIST 800-207
- Design Zero Trust micro-perimeters across your on-premises data center, multi-cloud, hybrid cloud, containers, and endpoints
Reduce your dynamic attack surface
Host-based micro-segmentation breaks up your attack surface and gives you granular control to:
- Obstruct lateral movement attacks and contain the spread of ransomware
- Enable firewall change management to keep up with remote work, IT Ops, DevOps, and security operations
- Continuously maintain your segmentation posture
- Deliver Zero Trust “at birth” of new workloads and containers
Achieve faster and safer end-to-end Zero Trust
Illumio programs the native firewalls in each host to:
- Enable micro-segmentation that scales across heterogenous systems, virtual machines, and containers.
- Seamlessly integrate with hardware firewalls, load balancers, routers, and NAC.
- Avoid risks, costs, and complexity from re-architecting the network and deploying more firewalls.
- Take advantage of integrations with hardware firewalls and EPP to align Zero Trust policies across your security investments.
ACC on Zero Trust Architecture
"Zero Trust Architecture (ZTA) is the future of cyber security within the Air Force … I’m passionate that zero trust networks are the key for how we achieve cyber space superiority in the 21st Century … Zero trust is about a strategy."
Lt. General Chris Weggeman, Deputy Commander, ACC (Air Combat Command), USAF
Accelerating DISA’s Zero Trust Adoption
"The move to maximum telework has also accelerated a cybersecurity paradigm shift that we will outline in our upcoming ‘zero trust’ reference architecture. … We are moving towards more micro-segmentation in this cybersecurity model with zero trust."
Vice Adm. Nancy A. Norton, DISA Director
“Illumio allows us to see all of the communication flows in our live production environment and to test firewall rules without facing outages. Implementation was was easy and we were making configs within 2 days.”
“Excellent platform for visualizing network traffic and protecting high value applications.”
“Illumio Is An Excellent Network Segmentation Platform. Illumio has been an excellent partner and has shown their commitment to ensuring that our project has been successful.”
“Excellent product covering a wide range of operating systems with a highly integrated and ergonomic management interface.”
“We needed to do segmentation without readdressing or migrating servers to new VLANs. Illumio’s maps show clearly who is talking to who.”
"Illumio provides a level of visibility of the network to a new level. Intuitive GUI which helps with explaining this critical technology to application teams."
“Product has provided solid results allowing us to meet commitments for regulatory requirements, customer demand for the financial business services we provide.”
“Illumio made it possible for us to move workloads from on-prem to the Azure cloud and then to the AWS cloud easily, and not compromise any of the security for our Windows workloads.”
“We had a compliance need which required us to enable firewalls on approximately 500 internal systems within a 3-month period. Without the ability to map and visualize traffic … we would not have been able to achieve the goal within the timeline.”
“Illumio provides an intuitive, reliable and easy to deploy micro-segmentation solution. Illumio customer support, training and vendor engagement & service is excellent.”
“From purchasing to implementation the Illumio team has been well organized. Their technical skills and project management has been outstanding as we worked to implement their product into my environment. They have put me at ease every step of the way.”
Illumio App for Splunk: Enabling Security Operations and Zero Trust in Federal Agencies
- Lt. General Chris Weggeman, "ACC Looks to Zero Trust Architecture for Network Security," by Haley Brown, Air Combat Command Public Affairs, Air Combat Command, February 25, 2020 (accessed 28 January 2021).
- Vice Adm. Nancy A. Norton, "Telework Accelerates DISA’s Zero-Trust Adoption," MilitarySpot, December 2, 2020 (accessed 28 January 2021).