Improving Cybersecurity in the Data Center and Cloud

DZone 's Guide to

Improving Cybersecurity in the Data Center and Cloud

Innovations eliminate manual work associated with traditional network segmentation and micro-segmentation helping to improve various points of security concern.

· Security Zone ·
Free Resource

Thanks to PJ Kirner, Co-Founder and CTO, and Alan Cohen, Chief Commercial Officer for sharing with me how Illumio secured three technology patents from the U.S. Patent and Trademark Office for its cybersecurity platform that enables developers to integrate security into their software development lifecycle more easily. Illumio is making adaptive segmentation faster for all companies to deploy for data centers and cloud security. The news also awards Illumio’s ability to improve the cyber posture of how segmentation is achieved.

“Despite some of the security benefits network segmentation and micro-segmentation can provide, too often we hear from our customers that they increase operational overhead, take too many people to implement, or are too expensive,” said PJ. “We are missioned to help organizations model and test policies before they put them into widespread production in the largest data center and cloud deployments in the world, as evidenced by our traction with nine of the largest 15 financial institutions and four of the largest seven SaaS providers. The patents recently awarded to Illumio mark our R&D investment in making segmentation more secure and more operationally efficient for all companies to adopt as the new foundation for their data center and cloud security.”

Three U.S. patents were awarded for Illumio’s inventions in:

  • Automating Segmentation Policy

  • End-to-End Policy Enforcement

  • Predictive Packet Analysis

Automating Segmentation Policy

A common challenge with micro-segmentation is having the resources needed to determine and create the policies that are critical to securing business applications. Through this patent, Illumio Adaptive Security Platform™ now offers an automated way for customers to generate and set rules for all applications running in bare-metal, virtualized, or containerized environments as well on-premises, in the cloud, or across hybrid cloud deployments. This innovation in automation accelerates deployment times and reduces operational costs for Illumio’s customers by eliminating error-prone and slow manual processes.

End-to-End Policy Enforcement

Securing midpoint devices (e.g. load balancers) can introduce complexities for organizations aiming to achieve end-to-end security. That’s because visibility is typically lost as teams write a policy from the client-side to the midpoint device, and then write another disconnected policy from the midpoint device to the server. Illumio’s innovation introduces the ability to write policies in a consistent way to and through midpoint devices for end-to-end policy enforcement and, further, makes it easier for companies to gain the benefits of segmentation.

Predictive Packet Analysis

One of Illumio’s core philosophies is built around allowing customers to model policy within their infrastructure (e.g. running a policy to determine whether a firewall will block a critical network packet). This enables customers to explore and gain visibility into what specifically would happen if they were to change something within their data center or cloud environment and predict the impact. Illumio calls this concept predictive modeling, and its packet analysis patent is one small part of that larger goal.

Ultimately Illumio is promoting DevSecOps by putting security in the beginning of the SDLC and tearing down silos across departments so that everyone is invested in developing and releasing secure code.

cloud security, data center security, devsecops, security

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}