What’s New With Illumio: Security Without Infrastructure Dependencies
It’s been a little bit over three years since Illumio emerged from stealth with its Adaptive Security Platform (ASP), which leverages micro-segmentation to offer security with granular visibility across data center and cloud environments. If you’re new to micro-segmentation or Illumio, check out A Look At Illumio’s Adaptive Security Platform for a good starting point and watch our VMworld 2016 video interview with Illumio.
Three years ago, the company was focused on educating IT professionals about what micro-segmentation actually is. Today, Illumio is finally starting to see segmentation projects being included in organizations’ core data center and cloud strategies.
I recently spoke with PJ Kirner, Chief Technology Officer and founder of Illumio and Alan Cohen, the company’s Chief Commercial Officer, to learn more about where micro-segmentation is today and where the company is headed this year.
Illumio’s Rapid Growth
Illumio is growing fast. The company is at well over 200 employees and is projected to be between 350 and 400 by 2019. Cohen shared that the company has been proving itself in some impressively large deployments with customers who have 60,000 physical and virtual servers under management.
The market is experiencing tremendous growth. Kirner says that today’s IT pros not only understand micro-segmentation, they have a good grasp of the competitive landscape as well.
“Recently, we’ve been meeting people who when they introduce themselves at the start of the conversation, they say ‘I’m in charge of micros-segmentation’,” says Kirner.
Cohen added that they recently came across a job posting from one of their customers in Columbus, Ohio for an Illumio Administrator. This just proves that the technology is now being recognized as a key security control.
The big driver for micro-segmentation adoption has been IT compliance, with companies mandating segmentation as acceptable control, according to Kirner. Banking, healthcare, services companies, law firms and other highly regulated industries are recognizing the use case for micro-segmentation to protect their high-value assets from being compromised.
More and more organizations are starting to recognize that the traditional perimeter security technologies and infrastructure-based solutions are simply insufficient in a dynamic and distributed world.
All of these factors are becoming drivers for software-based architectures addressing micro-segmentation. And although there aren’t very many micro-segmentation solutions available on the market today, during our conversation Kirner pointed out that there is a growing maturity in how to compare the different platforms that are available, including VMware’s NSX, Bromium and Illumio.
The Competitive Landscape For Micro-Segmentation
One of Illumio’s big strengths is that it’s ideal for heterogeneous environments. Whereas organizations that are 90 percent VMware shops will opt for VMware’s NSX, those with a mixed environment are more likely to consider Illumio.
“Most of our wins are where you have VMware, you might still have bare metal, containers that might not be in a virtualized environment, and public cloud,” says Kirner. “And a lot of our customers are doing multi-public cloud.”
Cohen added that Illumio has always been in an infrastructure agnostic and cloud-centric position, working with all public cloud providers.
What’s also important to note is that there are a number of organizations utilizing NSX for network virtualization and Illumio for visibility and micro-segmentation.
“There’s a value proposition for both of these products,” says Cohen referring to NSX and Illumio, “they do things in slightly different ways, and we have customers who use the best of both.”
There are also some micro-segmentation players who seem to have left the market for the most part, including vArmour and CloudPassage.
What’s New With Illumio?
In the last year, Illumio has been focused on helping organizations quickly get started with using the Adaptive Security Platform for micro-segmentation. In the last six months, Illumio has introduced new key capabilities that help organizations work at scale, as the company has been working with, and learning from, customers who have tens of thousands of workloads.
“What we’ve learned early on is that illumination, which is our application dependency mapping set of features tightly coupled with being able to author and develop segmentation and micro-segmentation policy was key to our early success,” Kirner told me. “So what we have done in the last six months is we’ve doubled down on that.”
Illumio now has a set of features that focus on improving Illumination. One of these is an explorer which allows you to ask interesting questions about your segmentation policies, traffic flows and other things to help you understand your environment, Kirner explains. The other is a policy generator, which leverages the underlying graph engine to automatically suggest new policies based on historical traffic data and author the policies as well. This is all to make it easier for customers to understand and take action within their unique environments.
Cohen adds that this is a whole different paradigm from what IT professionals are used to, so these types of automated discovery and suggestion tools are extremely helpful in getting organizations quickly started with utilizing Illumio. This is especially true for smaller shops with limited IT resources and expertise in micro-segmentation, or in M&A scenarios where the people and knowledge about the current environment might be gone completely.
To learn about Illumio’s new explorer and policy generator features or to get an introduction to the Adaptive Security Platform, you can request a live demo at illumio.com/experience-illumio. To learn more about using micro-segmentation to secure your heterogeneous environment, read Illumio’s how-to guide.