SWIFT Customer Security Controls Framework

Quickly Secure Your Global SWIFT Infrastructure

SWIFT requires that members self-attest compliance with mandatory security controls. The SWIFT Customer Security Controls Framework comprises a core set of mandatory and advisory security controls for all SWIFT members. All controls are articulated around three overarching objectives—Secure Your Environment, Know and Limit Access, and Detect and Respond—and are supported by 8 security principles and 27 security control objectives.

Illumio Core™ prevents the spread of breaches with real-time application dependency mapping and security segmentation. Enterprises use Illumio to achieve and demonstrate SWIFT compliance. Illumio Core addresses seven of the sixteen mandatory controls.


Execute a Zero Trust security strategy

Enable segmentation with orchestration and analytics to protect financial systems from lateral movement attacks.

  • Gain real-time visibility into connections and flows across financial applications.
  • Understand the attack surface with the combination of an application dependency map and a vulnerability map.
  • Create security segmentation policies that follow the workload.
  • Continuously detect for change, unauthorized connection attempts, and policy deviations.
  • Integrate with third-party security information and event management (SIEM) and orchestration tools.

Use the enforcement points that you already have

Avoid cost and complexity that stems from re-architecting networking backbone and introducing more networking/SDN and data center firewalls resources.

  • Program the existing host-based stateful firewalls in every workload (with no kernel modifications), programming access control lists (ACLs) into bare-metal, virtual machines, load balancers, and existing switches.
  • Enforce data-in-motion encryption by programming IPsec connectivity between Linux or Windows workloads without requiring changes or an upgrade to the network infrastructure.
  • Secure enterprise Microsoft applications with out-of-the-box Segmentation Templates.

Enable security segmentation across heterogeneous compute environments

Deliver a single control plane for architecting and operationalizing security across microperimeters

  • Create security segmentation policies across bare-metal, virtual machines, clouds, containers, load balancers, and switches.
  • Program the custom level of segmentation granularity— from environmental separation to process-level control and micro-segmentation.
August 23, 2019

"We had a compliance need which required us to enable firewalls on approximately 500 internal systems within a 3-month period. Without the ability to map and visualize traffic ahead of setting up firewall policies for these systems, we would not have been

Read More

Try Illumio Edge

Swag Request

Try Illumio Core