After raising $100 million in funding last year, Sunnyvale, Calif.-based Illumio has been on a mission to secure enterprise data using a dynamic approach that leverages context and relationship data to automatically program a security policy.
The company offers what it calls an Adaptive Security Platform (ASP) that can learn the relationships among application workloads and program the optimal security policy for every workload and adapt continuously to set an appropriate security policy, even as applications change.
Illumio has now added Adaptive User Segmentation capabilities to its platform through integration with Microsoft's Active Directory groups, which dynamically calculates and provisions connectivity rules based on user identity to prevent unauthorized communications and access to Illumio-protected applications.
According to the security startup, the integration of Illumio ASP and Active Directory allows an organization to ensure that only the correct users can connect to the appropriate workloads and applications in the data center, public cloud, private cloud or hybrid compute environment.
"Illumio's mission since our founding has been to help our customers regain control over their applications and data," said Andrew Rubin, co-founder and chief executive officer of Illumio. "With the introduction of Adaptive User Segmentation, Illumio once again is dramatically reducing computing attack surface through dynamic, policy-driven enforcement that allows users to only connect to the data center and cloud compute they are entitled to access."
"Illumio's new capabilities will resonate with security professionals assessing their security posture," said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. "Security leaders must deal with both sides of the user/data center equation and are well served to do it together rather than separately."
“Today, users within an organization can see and connect to most, if not all, applications within the data center or cloud environment, regardless of their Active Directory entitlements,” Illumio explained. “Given heightened challenges to deliver trust and security, relying on central systems of record like Active Directory to ensure users only have access to the appropriate assets is no longer sufficient.”
The company already offers nano-segmentation capability, which provides process-level segmentation among both physical servers and virtual machines and significantly reduces the surface area of server-to-server communications.