Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Network Security

Illumio Unveils Security Templates to Protect Data Center Apps

New Security Templates from Illumio Help Close Security Gaps Inside Data Centers and Clouds

New Security Templates from Illumio Help Close Security Gaps Inside Data Centers and Clouds

Ensuring security policy implementation conforms to policy definition, and that the policy definition is correct for the environment is always hard. With IT estates in continual flux through expansion, mergers and acquisitions and cloud migrations, and with the skills gap getting wider, it is increasingly more difficult to lock things down completely. One solution could be automation.

Readymade and free policy template documents have long been available for download from the Internet. But they tend to be high level and still require detailed specification and implementation. “Security templates have been around for 20 years for servers,” explains Chris Weston, a CIO advisory consultant, “but the landscape is much more complex now. So the job has become more manual simply because it’s hard to find a one-size-fits-all answer.” It’s that manual element that lets errors creep in; while one-size-fits-all is getting increasingly difficult.

Platform providers have a unique opportunity. Not only can they provide detailed templates for their own platforms, they can automate the implementation of those templates within that environment. Illumio is perhaps first off the mark. Launched today, the Illumio Security Templates are described as “downloadable, tested and validated policy packs that provide all the segmentation rules needed to write a security policy for common enterprise applications or application components.”

But these are not simply written documents that require manual installation — they provide a completely automated policy implementation within the Illumio Adaptive Security Platform (ASP). They start from a baseline of the application provider’s own security recommendations, and then apply those recommendations to the installation. 

“Illumio’s Security Templates let security and operations teams be as agile as they need to be,” explains Matthew Glenn, vice president of product management at Illumio. “With ‘push-button’ policies, IT no longer needs to laboriously create manual (and error-prone) segmentation rules in switches and firewalls from scratch. Our security templates take the work out of categorizing applications, or modifying the network to secure these critical applications. Applying pre-tested rule sets rapidly and accurately enables truly adaptive segmentation approaches for applications.”

Simply implementing a security policy is only half the battle — it needs to be maintained. The danger here is that experienced staff move on, inexperienced staff move in, and the environment continues to grow and contract. But provided the environment remains within the ASP, Illumio’s templates can be continuously aware of the applications and information flows between them.

When Exchange talks to Active Directory it is difficult to understand and be aware of all the different processes — and in security, what you don’t know you cannot defend. For example, Net Logon can easily use 10,000 or more dynamic ports as it communicates with Active Directory — so the port chosen and used at any given time can be unpredictable, and policy creation is complex. 

Illumio Screenshot

The templates integrate with Illumio’s ‘Illumination’ console graphic display. This display monitors all live application flows within ASP. Where those flows are in accordance with policy, the flows are shown as green lines; otherwise they show red.

Whenever a red line appears, the templates can be invoked and the correct policy enforced for that information flow. The red line will then return to green. The advantage of this approach is that the environment is continually monitored automatically for policy violations — and if they occur they can be rectified rapidly, easily and automatically; and be verified by Illumination.

Templates have been prepared for many of the leading data center applications, such as Active Directory Domain Communication Server 2008/2012 R2, SharePoint 2013, Exchange 2013, SQL Server 2014, Mongo DB and MySQL DB. Illumio expects to add to the list of applications over the coming months.

The downside with Illumio’s Security Templates is that they can only work for Illumio ASP customers. Nevertheless, Illumio’s chief commercial officer Alan Cohen points out that other security platform providers will undoubtedly follow.

Illumio raised $100 million Series C financing in April 2015, bringing the total raised by the company to more than $142 million in just over two years.

Written By

Kevin Townsend is a Senior Contributor at SecurityWeek. He has been writing about high tech issues since before the birth of Microsoft. For the last 15 years he has specialized in information security; and has had many thousands of articles published in dozens of different magazines – from The Times and the Financial Times to current and long-gone computer magazines.

Click to comment

Expert Insights

Related Content

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Cybersecurity Funding

Forward Networks, a company that provides network security and reliability solutions, has raised $50 million from several investors.

Network Security

Cisco patched a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Network Security

Vulnerabilities identified in TP-Link and NetComm router models could be exploited to achieve remote code execution (RCE).

Application Security

Google’s Threat Analysis Group (TAG) has shared technical details on an Internet Explorer zero-day vulnerability exploited in attacks by North Korean hacking group APT37.