Micro-segmentation has strengthened server traffic control and improves breach containment
What is our primary use case?
The main use case for Illumio involves working on any new applications enrolled into the architecture, where I focus on understanding the traffic and documenting rules. I often face issues with agent and PC console communication, so in those cases, I suspend the agent, check the services, and make sure to activate and deactivate. I perform all types of troubleshooting to ensure the agent communicates properly with the PC console and fetches the policies actively.
For new applications onboarded into the infrastructure, I first work on understanding the application, the users, and whether it is in production, development, testing, or UAT, which involves grasping the basic structure. Then I work closely with application teams to identify what communication needs to be allowed and what is not required. After the agent is installed on those servers, we move them from idle to visibility to monitor traffic for a week. This involves exporting a report and closely collaborating with application teams to define which traffic requires rules and segregating the non-required traffic by source and destination. This documentation leads to a precise mapping of traffic, allowing me to create rules for the servers. The agents are eventually moved from visibility to selective enforcement for some and full enforcement for others, while also providing teams with guidance on future communications and necessary actions, all of which are clearly documented.
What is most valuable?
Illumio is a very good tool that is flexible, with policies written using labels such as environment, application, role, and location rather than IP addresses, making policy management scalable and easy to maintain in dynamic environments. However, the initial setup requires careful planning, and improperly configured policies can block communications between applications. Troubleshooting may require a deep understanding of traffic logs and flow data, alongside previously written policies. Additionally, agent dependency is a consideration since any agent-related issues can affect policy application, making proper monitoring of agent health crucial. Overall, Illumio is a powerful tool for micro-segmentation and zero trust security that provides strong visibility, flexible policy management, and effective threat containment, enhancing an organization's internal security posture. It is not just a security tool but a strategic solution for modern infrastructure security that can significantly reduce the risk of lateral movement and improve overall network security with proper implementation.
The best features Illumio offers include real-time control of traffic between servers and allowing required communication based on specified ports while blocking unwanted ports. It provides breach containment, preventing communication on unapproved ports, and offers full visibility of traffic flows that helps in troubleshooting and audits, with traffic mapping generated by a central controller that analyzes and creates policies based on labels instead of IPs. Policy management is highly scalable, and the lightweight agent can be easily installed on each server, enabling policy simulation to check impact before enforcement using a draft view.
These features are incredibly valuable, including predefined templates that save time and reduce manual errors, resulting in massive scalability that is suitable for larger enterprises, which represent the best features of Illumio for micro-segmentation and real-time visibility.
What needs improvement?
Illumio requires me to create policies for each type of traffic, and for new users, the policy design can be a bit complex. More guided onboarding or automatic policy suggestions would help teams adapt to Illumio faster without needing extensive expertise. While I do not find issues with the interface, first-time users might struggle with navigation. Current limitations also include the integration with tools such as SIEM not being seamless, and support for Splunk and Sentinel could be improved. More AI automation in policy creation, such as auto policy recommendations and anomaly detection, would reduce manual processes and human errors. Additionally, old operating systems may not be fully supported, and broader compatibility for the agent or an agent-less option would be beneficial.
Enhanced reporting and analytics would be useful, as current reporting is basic, so improvements such as more customizable reports, compliance reports, and executive dashboards are needed due to their use for management and audits. Reducing dependency on the agent is crucial since enforcement depends on agent health, so improvements such as a backup enforcement mechanism and better agent monitoring or auto-recovery would increase reliability.
For how long have I used the solution?
I have been using Illumio for the past five years.
What do I think about the stability of the solution?
What do I think about the scalability of the solution?
Illumio's scalability is very good; it is quite easy to scale.
How are customer service and support?
Customer support is really good.
Which solution did I use previously and why did I switch?
I have not used any other solutions before Illumio. Prior options were not evaluated before choosing Illumio.
What other advice do I have?
I give Illumio a rating of nine out of ten.
I gave it a nine out of ten due to some small changes I previously mentioned regarding improvements needed for Illumio, such as the dependency on agent health and requests for a simplified dashboard along with AI-based auto policy recommendations. The policy creation process is mostly manual, so AI-based recommendations would be useful. It is an excellent tool for cybersecurity, especially for micro-segmentation, preventing attacks from spreading from one compromised server to others in the infrastructure. With some additional improvements, particularly for first-time users and their understanding, it could reach a perfect score of ten.
Illumio is a great product for managing server-to-server communication properly. It is scalable and user-friendly, but first-time users may experience challenges understanding policy creation, so better guidance is necessary to enhance their learning process. My overall review rating for this product is nine out of ten.
Micro-segmentation has improved threat containment but now needs deeper visibility and container support
What is our primary use case?
Illumio's use case compared to Akamai is exactly the same. For the purpose of micro-segmentation, it is the same.
What is most valuable?
The advantages of Illumio really stand out because they are not using the kernel module. The biggest thing is that the agents used, the software that goes onto the PCs or the servers, is not as comprehensive as that of Akamai. This might be better for some companies that want a light agent instead of a thick agent.
Illumio has some VPN features and encryption features that are not available in Guardicore.
Illumio's ability to contain threats through secure segmentation is positive. I would say it's a good part here.
They have some features that are not available in Akamai Guardicore.
What needs improvement?
Illumio does not have much in terms of application dependency mapping features. They lack layer 7 process level segmentation, which is a limitation.
In Guardicore, you have the layer 7, the process level. You don't have that in Illumio. This indicates that the information about malware, intrusion detection, and threats would be better in Guardicore because it has this layer 7 support which Illumio does not have.
Some customers like Illumio because it's a simpler product. If it's too complex, some customers think that it's better to have a more simple product. Of course, Illumio has some features that Guardicore doesn't have.
The container support in Illumio is not the same as in Guardicore.
Guardicore has native support for containers, but Illumio does not have native support. They need to install an agent in the container world, while Akamai Guardicore does not need to install an agent, so they have native support that Illumio lacks.
For how long have I used the solution?
I have been dealing with Illumio for only one year so far.
What do I think about the stability of the solution?
Regarding stability for Illumio and performance issues, I cannot answer that. So far, everything is going well. I do not see any problems.
What do I think about the scalability of the solution?
I think Illumio is scalable, the same as the others.
How was the initial setup?
It's rather complex to install Illumio, but that would be the same for both vendors. There is no big problem when you're installing it. It's pretty much straightforward.
What was our ROI?
I observe extensive return on investment with Illumio. The savings will be more than 100% from Illumio.
What's my experience with pricing, setup cost, and licensing?
It will be the same price as the Akamai price for Guardicore. It's expensive, that's true. But when you compare it to firewalls, then it may not be that expensive.
What other advice do I have?
Before, I mentioned that Illumio is not very comprehensive in comparison to Akamai. I said that they could have a lighter agent and also process level segmentation. There is something that's not perfect in Illumio that could be improved.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Segmentation has strengthened internal traffic control and reduces lateral movement risks
What is our primary use case?
We use Illumio as our network security platform to protect our EC2 instances. We use Illumio on our EC2 instances to detect and respond to any instance that might occur on the network side. That is pretty much all we use it for. It is very easy to detect and respond using Illumio.
What is most valuable?
Illumio offers great features such as controlling east-west traffic within data centers and clouds, enforcing segmentation policies between workloads, and reducing the attack surface by limiting unauthorized lateral movement.
Illumio's segmentation rules without requiring anything are pretty unique. It also integrates well with other security tools, giving you a centralized view of policy enforcement across your environment. If you're looking for east-west traffic control and zero-trust architecture, it's a great fit.
From what I have seen, Illumio positively impacts organizations by giving them a much clearer picture of their internal traffic, allowing them to identify risky connections they didn't see before. It also speeds up compliance, as I have heard, since they can enforce least privilege rules across their environments much faster. By reducing lateral movement, it just makes their overall security posture a lot stronger.
What needs improvement?
One area for improvement regarding Illumio might be making the policy management even more intuitive. Right now, it's powerful but can have a bit of a learning curve for some teams. Another thing could be deeper integrations with more third-party security tools. While they do integrate well, a broader set of APIs could make it even easier to slot into different stacks. It is already strong, but a bit more polish on usability and integration could take it further.
Another improvement might be around scalability, ensuring that as organizations grow, Illumio can handle even larger, more complex environments seamlessly. It would be great to see more advanced automation, such as AI-driven recommendations on segmentation rules or anomaly detection. That would really boost proactive security management.
For how long have I used the solution?
I have been using Illumio for about six months now.
What other advice do I have?
One big outcome we saw after implementing Illumio was a notable drop in lateral movement incidents. Within the first few months, we had about a 40% reduction in potential attack paths. On the compliance side, we cut audit times in half. What used to take weeks to validate now takes just a few days. It has really helped us tighten up both security and operational efficiency.
Illumio delivers really solid results. Micro-segmentation is top-notch, and we saw real security improvements. Some of the finer automation and user experience aspects still require a bit of effort to get fully dialed in. Illumio is deployed in our organization in the public cloud, specifically AWS. We use AWS, which is Amazon Web Services, as our cloud provider. We did not purchase Illumio through the AWS Marketplace.
Illumio is definitely a good solution if you have a lot of network traffic that you're dealing with. I rate Illumio a solid eight out of ten.
Zero Trust Segmentation That Boosts Visibility and Limits Breach Impact
What do you like best about the product?
Illumio is helpful because it stops attackers from moving around your network if a breach happens.
It uses Zero Trust segmentation to limit access without needing major network changes.
You get clear visibility into application traffic across data centers and cloud environments.
It’s quick to deploy, easy to manage, and scales well as your environment grows.
Overall, it reduces the blast radius of attacks, simplifies operations, and strengthens security with minimal disruption.
What do you dislike about the product?
Illumio can take time to fully tune, since defining the right policies requires upfront effort.
It focuses on segmentation, so it doesn’t replace other security tools like EDR or firewalls.
The value is highest in complex environments, which may limit impact for very small setups.
Licensing and cost can feel high compared to simpler controls.
Teams may also need training to get comfortable with the model and workflows.
What problems is the product solving and how is that benefiting you?
Illumio helps stop cyberattacks from spreading inside a network by breaking it into small, controlled segments.
It gives clear visibility into how systems and applications talk to each other.
This makes it easier to spot risky connections and unusual behavior.
It automates security policies, reducing manual work and mistakes.
Illumio works across on-prem, cloud, and hybrid environments.
If a breach happens, the damage is contained instead of spreading everywhere.
Overall, it simplifies security operations while making the organization more resilient and compliant.
Needs More Innovation and Better Integration
What do you like best about the product?
The product doesn't cause issues and not a lot of maintenance is required.
What do you dislike about the product?
Illumio lacks innovation and integration.
What problems is the product solving and how is that benefiting you?
Microsegmentation between servers.
Easy to Use and Powerful—Highly Recommended
What do you like best about the product?
Easy to use, powerful, and quick to freeze a problematic PC.
What do you dislike about the product?
Nothing yet :-) Maybe that I should have got it earlier.
What problems is the product solving and how is that benefiting you?
Lateral movement within some of our flat network subnets.
Effortless Microsegmentation and Fast Troubleshooting with Illumio
What do you like best about the product?
The microsegmentation is its biggest feature. What I like most is the ease in configuration and implementation. Troubleshooting can be done faster as the configuration is simple and easy to understand.
What do you dislike about the product?
None. When compared to other firewalls, Illumio is the easiest to implement and troubleshoot.
What problems is the product solving and how is that benefiting you?
The ease of implementation and configuration. Have not encountered bugs that would cause impact to the traversing traffic as compared to other firewalls. Easy to troubleshoot as well, so it saves us time isolating issues.
Easy Segmentation and Security with Illumio
What do you like best about the product?
I like Illumio because it's easy to use and easy to administrate. The UI and agent installation and configuration are straightforward, which makes it easier compared to other products.
What do you dislike about the product?
none
What problems is the product solving and how is that benefiting you?
Illumio helps with segmentation and security by restricting ports and isolating EOL servers. It's easy to use and administer, thanks to its intuitive UI and straightforward agent installation and configuration.
Revolutionizes Zero Trust with Effortless Micro-Segmentation
What do you like best about the product?
Illumio is among the most impressive technologies I have encountered for supporting a zero trust approach. It greatly simplifies the process of implementing micro-segmentation.
What do you dislike about the product?
I think there is always potential for improvement. My main issue is the inability to stream logs directly to a SIEM, which I find limiting. Aside from that, I consider it to be an excellent product.
What problems is the product solving and how is that benefiting you?
A solid cybersecurity strategy always begins with visibility, and Illumio delivers the level of visibility needed to make informed decisions about securing communications between workloads.
Effortless Cybersecurity with Stellar Support
What do you like best about the product?
I love Illumio for its ease of implementation, which simplifies integrating the system into our network environment. This feature significantly reduces the time and resources needed for setup. Moreover, I appreciate that Illumio efficiently organizes communications in a way that enhances security and essentially eliminates the risk of lateral movement, providing a robust defense against potential cyber-attacks. Additionally, the quality of after-sales support offered by Illumio is commendable, as it ensures continuous assistance and resolution of any issues that may arise post-implementation, thereby enhancing the overall user experience.
What do you dislike about the product?
I find compatibility with legacy operating systems to be lacking.
What problems is the product solving and how is that benefiting you?
I use Illumio to enhance cybersecurity by microsegmenting our OT Networks, organizing communications securely, and reducing lateral movement risks during attacks.