Enhancements in the new version include adding reducing the time it takes to protect against attacks, by providing more flexibility to automated security enforcement, by improving Intelligent Visibility and by adding new SuperClusters to scale up the number of supported workloads.
Today Illumio, a cybersecurity company oriented around Zero Trust Segmentation, has announced enhancements to their Illumio Core SaaS Zero Trust Segmentation platform. Automated security enforcement, which significantly reduces time needed to achieve Zero Trust, has been made more flexible to allow customers to deploy it at their own pace. App Owner View is another feature that reduces time to Zero Trust, scaling segmentation initiatives by creating software-defined perimeters around individual application instances. , The third new enhancement is SuperClusters, to make it even easier to enforce more than 100,000 workloads, and to do it easily over a broad range of geos.
“Our core differentiation in the market is that we are laser focused on solving the Zero Trust segmentation problems in peoples’ data centres and clouds,” said PJ Kirner, Illumio’s Co-Founder and CTO. “ASP [Adaptive Security Platform] was our first product, from 2015, which evolved into Illumio Core in 2018. Illumio Edge is our second product, and is focused on the endpoint. The same underlying engine powers both, but they are targeted at different customers and different spaces.
“One architectural approach we took was to build a segmentation system that’s independent of the network, effectively decoupling them,” Kirner added. “Networking is about connecting everyone. Segmentation is kind of the opposite. So this creates secure enclaves for us to protect.”
Kirner emphasized that while Zero Trust as a concept is fairly new, and comes in many flavours that tends to confuse customers, it is based on concepts that Illumio has been doing for years.
“There is a lot of noise around Zero Trust, and there are multiple approaches,” he said. “We focus on the workload part and the network segmentation part. However while the concept of Zero Trust is new, Least privilege access has been around for years, and is something we have been doing for years. We didn’t build our networks with the Least Privilege model. We should have, but we just didn’t have the tools to do it then. Now we help people build their networks in ways that conform with the core security goals of least privilege. So Zero Trust is a reinvigoration of age-old security products we knew were good.”
The enhancements in this version begin with tweaking capabilities around existing Automated Security Enforcement. Customers can now immediately enforce security policy across an entire organization, as before, or they can now choose to selectively and progressively enforce policy one service at a time. This lets them deploy automated policies at scale and within minutes, or at their own pace.
“It was fully automated before, because the focus is cutting time to achieve Zero Trust,” Kirner said. “This lets them minimize the time to get from zero to the first step in that Zero Trust journey if they want to do it that way. We had a pharma company we worked with recently, that had OT systems that talked with IT systems in Azure. They feared a compromise in the OT systems could spread laterally and take out the IT systems as well as their ability to make their product. So they brought us in for this specific task. In three days, we could implement that policy and prevent that lateral movement and reduce the risk. Automation cuts down that time, and now these new enforcement boundaries lets you define it in a quick way.”
Another innovation is in the Intelligent Visibility provided by App Owner View. It lets admins assign granular permissions to app owners, allowing them to see only their apps and author their respective policies. This lets DevOps and application teams better monitor workloads coming in and out of applications hosted in public clouds to simplify and secure cloud migrations and automate multi-cloud security.
“App Owner View is a view of the world that cuts out all the noise with a very focused view of the world, which better enables the DevSecOps model,” Kirner indicated. “We have tuned the product to improve this.”
The third major enhancement is the ability to facilitate Zero Trust Segmentation fail at scale, to make it easier to enforce more than 100,000 workloads in cloud, hybrid, and on-premises environments.
“It allows is to build large global deployments, involving not just the number ow workloads, but geographic scale as well,” Kirner said. Ironically, while Illumio started out serving very large customers most likely to use this feature, they now serve a broader range of customers.
“The rise of ransomware did that,” Kirner said. “It definitely made us more
size-agnostic.”
Kirner strongly emphasized the importance on the Zero Trust journey of being able to show small wins on that journey, and that these new enhancements facilitate that.
“Zero Trust is a journey and for some, it can be a long journey,” he stressed. “You need small wins to show you are making progress on that journey. These enhancements show how you get those wins, and how you move the incremental ball ahead. Enforcement boundaries fuel small segmentation wins. The improved visibility shows how you can do things safely. People can get paralyzed because they don’t know what to do first. We want to show customers how to do these things quickly and safely.”