Illumio is making its mark when it comes to security in the data center, introducing capabilities for several leading infrastructure players.
The company says it is taking ‘another step forward’ in making its Adaptive Security Platform (ASP) the new foundation for data center and cloud security with what it says is industry-first capabilities and support for ACLs on Cisco and Dynamic Filters on Arista data center network switches, as well as AWS Security Groups and Azure Network Security Groups.
"As segmentation becomes the core strategy for data center and cloud security, organisations are now looking at how other elements of their compute environment can be used to enforce these policies," explains PJ Kirner, chief technology officer and founder of Illumio.
"Our customers have asked us to efficiently coordinate policy across their data center and cloud environments, simplifying management of the security control plane,” Kirner says.
“This expansion of our platform builds on our previously demonstrated capability of programming the F5 LTM and AFM and represents our next step towards Illumio's vision for adaptive segmentation."
Kirner says organisations are looking at segmentation to move beyond reactive breach detection solutions to a proactive protection model that stops the lateral movement of bad actors. However, that shift often comes with additional operational overhead and inconsistent policies that don't scale across their environments, he says.
"Despite the rapid increase in cybersecurity spending focused on implementing stronger security controls to limit access to sensitive data and applications – organisations of all sizes don't always end up with more secure environments," adds Jon Oltsik, ESG's senior principal analyst and founder of the firm's cybersecurity service.
"The ability to drive segmentation in depth throughout the data center and cloud can be a critical next step in securing data center and cloud environments."
By extending Illumio ASP's enforcement point ecosystem from the workload (bare-metal servers, virtual machines, containerised hosts) to the additional security controls in the network and cloud, Illumio says it is delivering on the promise of segmentation and is ending the need to manage multiple, disconnected policy models.
Eric Hanselman, chief analyst of 451 Research, adds, "One of the biggest challenges in security is battling complexity and that's amplified by increasing heterogeneity that we see in customer data centers and cloud environments.
“Legacy infrastructure combined with virtualisation and cloud means there is opportunity for coordinated points of policy enforcement," he says.
"We see segmentation in depth addressing a real requirement for customers who are looking to both strengthen security and simplify operations by centralising and harmonising policy and enforcement across different environments,” says Hanselman.