When it comes to data center security, gigantic middlebox firewalls can be problematic. You have issue with scale and workload placement, latency challenges, and the potential for pain when you need to upgrade.
A big firewall also isn’t the best tool to deal with east-west traffic inspection, and has limited utility for containing a breach.
Microsegmentation is a relatively new architecture that defines by host or subnet who can talk to whom about what. And it does it with a centralized policy and distributed firewalls. You get manageability, scale, and a reduced attack surface with microsegmentation.
On today’s Weekly Show we dive into microsegmentation with our sponsor, Illumio. We discuss how Illumio works, how it can limit the impact of a breach, and how to deploy and run a microsegmentation architecture at scale.
Our guest is Matt Glenn, VP of Product Management.
In this episode we cover:
- Illumio’s two core elements: the policy compute engine and the virtual enforcement node
- How Illumio builds a live application dependency map to create security policies
- How the platform leverages existing host controls such as IP tables to enforce security policies
- How the product works on premises and in public clouds
- Running Illumio in a brownfield environment
- How Illumio can help you clean up your CMDB
Illumio Presents At Network Field Day 19 – Tech Field Day