Security Experts:

Illumio Raises $125 Million to Expand Adaptive Segmentation Business

Data center and cloud segmentation firm Illumio announced today that it has raised a further $125 million in a Series D funding round. This adds to the $100 million Series C financing raised in April 2015, and brings the firm's total funding to $267 million.

New and existing investors, including Andreessen Horowitz, General Catalyst, 8VC, Accel and Data Collective (DCVC) all participated -- buoyed by the firm's annualized bookings growth of 400 percent from the first to second year in market. Illumio's customers now include nine of the largest 15 financial companies in the U.S., and four of the top seven SaaS providers.

Illumio LogoThe new capital will be used to expand Illumio's global reach in field sales, marketing and customer support; and continuing R&D. The purpose, said Illumio in a statement today, is to "enable the company to accelerate its vision of making adaptive segmentation the foundation for cybersecurity in every enterprise data center and public cloud."

Segmentation is not a new security concept. In its most basic form, company computers are segmented from the public internet, and OT is segmented from IT, with firewalls. But as cyber attackers have become more sophisticated, and data center infrastructures more complex, the need for internal segmentation has grown. It is the most effective method for containing the insider threat, and for preventing the lateral movement of attackers who breach the firewall perimeter defense.

Indeed, segmentation is increasingly required for compliance and regulations. For example, PCI DSS v3.2 (1.3.6) states, "Place system components that store cardholder data (such as a database) in an internal network zone, segregated from the DMZ and other untrusted networks." Such requirements are only likely to increase both as part of compliance and as a means of demonstrating best security practices to regulators.

"Given the exponential growth of cybersecurity risks, it's clear that segmentation is now one of the largest market opportunities in enterprise software," said Larry Unrein, Global Head of J.P. Morgan Asset Management's Private Equity Group.

But the traditional methods for segmentation -- firewalls and router-enforced zoning -- are difficult, complex and expensive in modern dynamic data centers and public clouds. This is the market and approach that Illumio seeks to disrupt. Rather than imposing rules on separate routers and firewalls around the infrastructure, Illumio provides a platform that invokes the inherent security already available within individual devices.

The segmentation is controlled and enforced from a central policy compute engine (PCE) that activates and manages the enforcement capabilities in existing assets. It doesn't require additional hardware or software that add complexity, become performance chokepoints, and increase costs. Illumio's approach is to allow the right degree of segmentation to precisely where it is needed: a granular and adaptive method.

Using this approach, Morgan Stanley reduced its firewall rules by 90 percent with Illumio, while another customer has reduced 15,000 firewall rules to 40 security policies -- all defined in, contained in, and controlled by the PCE. 

"The security segmentation market is already a multi-billion-dollar opportunity," said Andrew Rubin, CEO and co-founder of Illumio; "and Illumio's traction with customers such as Salesforce, Morgan Stanley and Workday demonstrates that the Illumio Adaptive Security Platform can solve these challenges at scale. Illumio is uniquely suited to address the needs of large and small organizations as they shift focus away from the perimeter and towards having complete visibility and control inside the data center and cloud compute environments."

view counter
Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.