Stop the Lateral Spread of Malware
End-to-End Zero Trust for Mission Completion
The network security perimeter has been replaced by a focus on users, applications, and workloads. Federal agencies and commands must shift to a Zero Trust security strategy focused on micro-segmentation of East-West traffic to achieve mission success as part of a layered cyber defense.
Illumio’s approach to end-to-end Zero Trust through host-based micro-segmentation allows agencies and commands to support remote work operations, comply with cyber resilience standards, and enable defensive cyberspace operations (DCO).
Meet federal certification and reporting requirements
Illumio is the first enterprise segmentation vendor that is certified against the National Information Assurance Partnership (NIAP) Common Criteria Protection Profile for Enterprise Security Management, Policy Management v2.1.
Illumio certifications include:
- NIAP Common Criteria Protection Profile: Enterprise Security Management
- DHS Continuous Diagnostics and Mitigation (CDM) Approved Products List under Phase 4 for Micro-Segmentation
- FIPS 140-2
Gain real-time visibility into your application environment
Illumio’s application dependency map, Illumination, enables you to:
- Accurately identify the scope of security mandates for federal standards like OMB M-17-09, CISA BOD 18002, FISMA, DHS CDM (Continuous Diagnostics and Mitigation), NIST CSF (Cybersecurity Framework)/NIST 800-53, and CMMC/NIST 800-171, and NIST 800-207
- Design Zero Trust micro-perimeters across your on-premises data center, multi-cloud, hybrid cloud, containers, and endpoints
Reduce your dynamic attack surface
Host-based micro-segmentation breaks up your attack surface and gives you granular control to:
- Obstruct lateral movement attacks and contain the spread of ransomware
- Enable firewall change management to keep up with remote work, IT Ops, DevOps, and security operations
- Continuously maintain your segmentation posture
- Deliver Zero Trust “at birth” of new workloads and containers
Achieve faster and safer end-to-end Zero Trust
Illumio programs the native firewalls in each host to:
- Enable micro-segmentation that scales across heterogenous systems, virtual machines, and containers.
- Seamlessly integrate with hardware firewalls, load balancers, routers, and NAC.
- Avoid risks, costs, and complexity from re-architecting the network and deploying more firewalls.
- Take advantage of integrations with hardware firewalls and EPP to align Zero Trust policies across your security investments.
ACC on Zero Trust Architecture
"Zero Trust Architecture (ZTA) is the future of cyber security within the Air Force … I’m passionate that zero trust networks are the key for how we achieve cyber space superiority in the 21st Century … Zero trust is about a strategy."
Lt. General Chris Weggeman, Deputy Commander, ACC (Air Combat Command), USAF
Accelerating DISA’s Zero Trust Adoption
"The move to maximum telework has also accelerated a cybersecurity paradigm shift that we will outline in our upcoming ‘zero trust’ reference architecture. … We are moving towards more micro-segmentation in this cybersecurity model with zero trust."
Vice Adm. Nancy A. Norton, DISA Director
“As a company, Illumio are hugely customer-focused and determined to see a successful delivery. They have been easy to work with throughout and beyond the implementation. Their product is exceedingly powerful and easy to use.”
“The solution does what we needed and is not overly complicated to maintain. The user interface is logical and easy to use.”
“Illumio has proven to be an invaluable tool in monitoring and identifying traffic flows within our network. The interface is clean and mostly easy to use (and constantly being improved and fine tuned).”
“The product has given us visibility into our network that we have not had before. I love the efficient way Illumio lays out the visibility within our systems. The layout of the SaaS implementation is very intuitive and easy to learn.”
“We needed to do segmentation without readdressing or migrating servers to new VLANs. Illumio’s maps show clearly who is talking to who.”
"Very responsive pre-sales and professional services implementation team. Project management was a particular strong point."
“One of the biggest benefits we have seen with Illumio is the ability to easily visualize data flows and dependencies between services. This has allowed us to improve solutions and tighten security without impacting service”
“Illumio made it possible for us to move workloads from on-prem to the Azure cloud and then to the AWS cloud easily, and not compromise any of the security for our Windows workloads.”
“We had a compliance need which required us to enable firewalls on approximately 500 internal systems within a 3-month period. Without the ability to map and visualize traffic … we would not have been able to achieve the goal within the timeline.”
“Illumio simplified the management of firewall rules. We were able to create rules based on observed traffic while using the product in monitor mode.”
“When we saw how much setting up traditional firewalls between all of our applications/servers, we went down the rabbit hole and discovered micro-segmentation and evaluated various vendors. Illumio was by far the best choice for us, hands down.”
- Lt. General Chris Weggeman, "ACC Looks to Zero Trust Architecture for Network Security," by Haley Brown, Air Combat Command Public Affairs, Air Combat Command, February 25, 2020 (accessed 28 January 2021).
- Vice Adm. Nancy A. Norton, "Telework Accelerates DISA’s Zero-Trust Adoption," MilitarySpot, December 2, 2020 (accessed 28 January 2021).