Illumio, a cyber security company with clients including Morgan Stanley, BNP Paribas, Salesforce, and Oracle NetSuite, has announced support for segmenting network communications for containers with the latest release of its Adaptive Security Platform (ASP).
Widespread adoption of public cloud environments and container-based computing is bringing flexibility and agility to enterprise IT, as compute environments move steadily outside the data center. However, the benefits of these services can be offset by the need for security, especially in governing them consistently with segmentation policies already applied to existing applications running on data center infrastructure.
Security segmentation in the public cloud would be critical to the overall protection of the data center as cloud-based infrastructure has the same access and creates additional attack vectors. Illumio ASP addresses this crucial security concern with segmentation across Kubernetes and OpenShift container platforms, as well as “consistent” support of non-container environments.
With the latest version of Illumio ASP, enforcing security segmentation policies through workloads would eliminate a number of the challenges posed by reliance on the network, providing:
- Centralized, infrastructure-agnostic visibility – with an approach that applies to wherever an enterprise is running its applications – from bare-metal servers and virtual machines to containers in an on-premise data center or across any public cloud environment. This would provide a single security segmentation solution with visibility into all active applications.
- Granular control for all workloads – by decoupling enforcement from the network infrastructure, which does not require a policy to have access to anything except a specific workload – across both containerized and non-containerized applications.