Sold by: Illumio
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Illumio Zero Trust Segmentation (ZTS) Platform is the only solution that handles it all: Endpoint-Endpoint, Endpoint-Server, Server-Server, as well as extensive support for cloud workloads, containers, IoT, and OT devices. Empowering organizations to be more resilient for whatever may come their way. ZTS contains the spread of breaches and ransomware across the hybrid attack surface by continually visualizing how workloads and devices are communicating, creating granular policies that only allow wanted and necessary communication, and automatically isolating breaches by restricting lateral movement proactively or during an active attack.
In addition, Illumio ZTS includes the Illumio Virtual Advisor (IVA) which provides actionable, AI driven guidance for even the most complex tasks. With IVA, teams can streamline their workflows with instant, expert-level answers to their questions. Quickly access critical information and achieve complex tasks simply by asking the virtual advisor.
4.5
Overview
Illumio Breach Containment Platform provides comprehensive mapping of traffic telemetry across hybrid multi-cloud environments and endpoints for applications, data, and cloud workloads. This visualization allows security teams to uncover unnecessary connectivity that increases risk. With the Illumio Breach Containment Platform, you can easily know if you are at risk of an attack or currently under attack. Detailed context-based label descriptions of objects guides teams as they create policies, based on applications' components and relationships. With Illumio, teams can make faster, more informed decisions about what traffic to segment to proactively maintain a strong security posture or reactively isolate a breach.
Illumio Breach Containment Platform is made up of these solutions:
Illumio Insights for visibility and incident response. Quickly identify risk, detect attacks, and contain threats with a single click. Empower security teams to protect critical assets and respond instantly.
Illumio Segmentation for cloud and on-premises data center workloads. Limit an attacker's ability to travel across lateral traffic with proactive policy controls that limit the exposure of valuable assets
Highlights
- See risk Visualize all communication and traffic between workloads and devices across the entire hybrid attack surface. Gain visibility with real-time telemetry and data, understand application communications, security policy, usage, access and security exposure with a comprehensive map of traffic flows.
- Set policy Comprehensive monitoring and simplified labeling that helps eliminate blind spots by automatically setting granular and flexible segmentation policies that control communication between workloads and devices to only allow what is necessary and wanted.
- Stop the spread Proactively isolate high-value assets or reactively isolate compromised systems during an active attack to stop the spread of a breach by programming dynamic workload policies for hybrid multi-cloud networks and endpoints, and applying automated policy recommendations.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
ISO27001
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Illumio Breach Containment Platform | Price per 250 secured workloads + Breach Containment Platform | $109,000.00 |
100 CloudSecure Workloads | Price per 100 public cloud workloads | $38,400.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Illumio provides customers with 24/7 support by phone, email, and through our support portal. +1 888 631 6354, support@illumio.com ,
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Illumio
By Zscaler, Inc.
Top
50
In Security Observability, Device Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Traffic Visualization
Comprehensive mapping of traffic telemetry across hybrid multi-cloud environments and endpoints with real-time communication tracking
Zero Trust Segmentation
Granular policy controls that limit communication between workloads and devices to only allow necessary and wanted interactions
Breach Containment
Dynamic workload policy programming to proactively or reactively isolate compromised systems and prevent lateral movement during attacks
AI-Driven Guidance
Virtual advisor providing actionable, context-based recommendations for complex security tasks and policy creation
Multi-Environment Support
Extensive coverage for endpoint, server, cloud workloads, containers, IoT, and OT device communication security
Network Policy Management
Fine-grained network policy enforcement across Kubernetes clusters with support for egress, ingress, in-cluster, and cross-cluster traffic control
Traffic Segmentation
Automatic identification and isolation of namespace boundaries with granular traffic limitation by IP addresses, domains, and IP CIDRs
Egress Traffic Control
Static IP address assignment for egress traffic from Kubernetes pods to enable integration with external firewalls and security tools
Gateway Management
Standardized ingress traffic management using Gateway API with integrated Envoy Gateway for enterprise-grade security
Multi-Cluster Security
Centralized network security management across multiple Kubernetes distributions in cloud and on-premises environments
Zero Trust Network Architecture
Cloud-native platform implementing zero trust principles with AI-powered cyberthreat protection
Threat Prevention Mechanism
Advanced AI-driven cyber threat and data loss prevention services to eliminate attack surfaces and prevent compromise
Access Control Framework
Next-generation zero trust network access (ZTNA) platform enabling secure connections to private apps, services, and OT devices
Digital Experience Monitoring
Performance optimization and issue resolution tracking from end-user perspective across application, network, and device domains
Data Protection Strategy
Comprehensive protection against data loss from users, SaaS applications, and public cloud infrastructure through advanced prevention techniques
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
SREENU S.
Easy Segmentation and Security with Illumio
Reviewed on Dec 15, 2025
Review provided by G2
What do you like best about the product?
I like Illumio because it's easy to use and easy to administrate. The UI and agent installation and configuration are straightforward, which makes it easier compared to other products.
What do you dislike about the product?
none
What problems is the product solving and how is that benefiting you?
Illumio helps with segmentation and security by restricting ports and isolating EOL servers. It's easy to use and administer, thanks to its intuitive UI and straightforward agent installation and configuration.
Manufacturing
Revolutionizes Zero Trust with Effortless Micro-Segmentation
Reviewed on Dec 11, 2025
Review provided by G2
What do you like best about the product?
Illumio is among the most impressive technologies I have encountered for supporting a zero trust approach. It greatly simplifies the process of implementing micro-segmentation.
What do you dislike about the product?
I think there is always potential for improvement. My main issue is the inability to stream logs directly to a SIEM, which I find limiting. Aside from that, I consider it to be an excellent product.
What problems is the product solving and how is that benefiting you?
A solid cybersecurity strategy always begins with visibility, and Illumio delivers the level of visibility needed to make informed decisions about securing communications between workloads.
Lafaiete N.
Effortless Cybersecurity with Stellar Support
Reviewed on Nov 26, 2025
Review provided by G2
What do you like best about the product?
I love Illumio for its ease of implementation, which simplifies integrating the system into our network environment. This feature significantly reduces the time and resources needed for setup. Moreover, I appreciate that Illumio efficiently organizes communications in a way that enhances security and essentially eliminates the risk of lateral movement, providing a robust defense against potential cyber-attacks. Additionally, the quality of after-sales support offered by Illumio is commendable, as it ensures continuous assistance and resolution of any issues that may arise post-implementation, thereby enhancing the overall user experience.
What do you dislike about the product?
I find compatibility with legacy operating systems to be lacking.
What problems is the product solving and how is that benefiting you?
I use Illumio to enhance cybersecurity by microsegmenting our OT Networks, organizing communications securely, and reducing lateral movement risks during attacks.
Dayne W.
we LOVE Illumio - one of the best products we've ever seen
Reviewed on Nov 25, 2025
Review provided by G2
What do you like best about the product?
Illumio is the best product we use as a company IT-wise. It literally keeps us safe and is a tremendous troubleshooting tool as well! It is extremely easy to use, and tagging our servers via the import csv utility is a great feature we've come to love.
What do you dislike about the product?
Sometimes it works "too" good, but that is why we have it. It locks down traffic like it's supposed to!
What problems is the product solving and how is that benefiting you?
Illumio helps us decide which traffic gets in, and which traffic gets out. It helps us lock down our files shares, as well as segment internal traffic to only traffic that we have to have open for business continuity.
Michael K.
Solid platform for microsegmentation, reducing ACL complexity, and ransomware protection
Reviewed on Nov 12, 2025
Review provided by G2
What do you like best about the product?
My org uses Illumio for intra-VLAN protection, ransomware blast radius reduction, and as a more flexible alternative to our mess of ACLs.
It's letting us reduce our ACL sprawl, which was nearing hardware limits (CAM table exhaustion).
Illumio’s policy model and VEN install are baked into our server deployment process now, which I recommend all customers do.
I work in both networking and security, and Illumio bridges both worlds well. I touch it frequently to manage access across all sorts of servers and traffic flows, and I have no complaints about performance or UI.
Great for network or security folks trying to shrink blast radius and ditch legacy ACL messes.
It's letting us reduce our ACL sprawl, which was nearing hardware limits (CAM table exhaustion).
Illumio’s policy model and VEN install are baked into our server deployment process now, which I recommend all customers do.
I work in both networking and security, and Illumio bridges both worlds well. I touch it frequently to manage access across all sorts of servers and traffic flows, and I have no complaints about performance or UI.
Great for network or security folks trying to shrink blast radius and ditch legacy ACL messes.
What do you dislike about the product?
There is definitely a learning curve, but once you wrap your head around the policy model, it clicks.
Only gotcha I've seen is that changing a server IP often requires reinstalling the VEN.
Only gotcha I've seen is that changing a server IP often requires reinstalling the VEN.
What problems is the product solving and how is that benefiting you?
Definitely makes network access changes easier than going through our usual ACL deployment process. And I like that server admins can use it to check traffic flows to see if they're having any network issues before talking to me.