we LOVE Illumio - one of the best products we've ever seen
What do you like best about the product?
Illumio is the best product we use as a company IT-wise. It literally keeps us safe and is a tremendous troubleshooting tool as well! It is extremely easy to use, and tagging our servers via the import csv utility is a great feature we've come to love.
What do you dislike about the product?
Sometimes it works "too" good, but that is why we have it. It locks down traffic like it's supposed to!
What problems is the product solving and how is that benefiting you?
Illumio helps us decide which traffic gets in, and which traffic gets out. It helps us lock down our files shares, as well as segment internal traffic to only traffic that we have to have open for business continuity.
Solid platform for microsegmentation, reducing ACL complexity, and ransomware protection
What do you like best about the product?
My org uses Illumio for intra-VLAN protection, ransomware blast radius reduction, and as a more flexible alternative to our mess of ACLs.
It's letting us reduce our ACL sprawl, which was nearing hardware limits (CAM table exhaustion).
Illumio’s policy model and VEN install are baked into our server deployment process now, which I recommend all customers do.
I work in both networking and security, and Illumio bridges both worlds well. I touch it frequently to manage access across all sorts of servers and traffic flows, and I have no complaints about performance or UI.
Great for network or security folks trying to shrink blast radius and ditch legacy ACL messes.
What do you dislike about the product?
There is definitely a learning curve, but once you wrap your head around the policy model, it clicks.
Only gotcha I've seen is that changing a server IP often requires reinstalling the VEN.
What problems is the product solving and how is that benefiting you?
Definitely makes network access changes easier than going through our usual ACL deployment process. And I like that server admins can use it to check traffic flows to see if they're having any network issues before talking to me.
Effortless Firewall Rule Management, No Drawbacks Yet
What do you like best about the product?
Easily translate business requirements into host firewall rules, avoiding setting up complicated rules at perimeter firewall
What do you dislike about the product?
There is nothing that I dislike regarding Illumio.
What problems is the product solving and how is that benefiting you?
The ransomware protection is effective, and it makes it easy to block unnecessary east-west traffic.
Have created granular security policies based on roles and application behavior
What is our primary use case?
The main use case for Illumio is providing micro-segmentation where we don't want to segment the network based on IP addresses but rather segment them based on roles, applications, and environments. Everything that we do from the segmentation point of view is based on the label. Based on the label, we prepare the policies, and then we do the segmentation, which gives us a more granular approach and limits the attack surface from happening. Now the attack surface is limited, and this will happen if any attack occurs; we stop the lateral movement of the attack because we have segmented the environment.
I am managing a project where the client needs Illumio, and we are helping with their environment on the segmentation approach. They have many applications in their environment, and we support them by understanding the environment and applications they have. When we have the full inventory of their applications, we ask them to do the labeling in Illumio based on information such as how many applications they have, what labels we have to give them, and under what categorization those labels should be. For example, which application should be part of this location, this role, this environment, and this application. Based on that, we have created an approach to help our client onboard the applications, wherein we have many activities happening. For example, we review their traffic, conduct ring-fencing, and understand what traffic goes through. After a few days, we understand the required traffic, based on that we draft the policy, have the policy review session, and then finally enforce the application. All of this occurs alongside the process from the client end; they follow all the processes, and we handle the technical part before finally enforcing the application.
Illumio is deployed in the cloud environment in Azure.
What is most valuable?
The best feature that Illumio offers is that we can easily understand how to label the applications, how to install Illumio agent on the client machines, how to install the agent on the servers, and how to do the ring-fencing. The log analysis is very simple, and we can map the traffic very easily, such as the traffic view and map view. We have many views to do that, and then we have a topology environment where we can expand the topology and understand how we want to prepare our policy based on the requirement. These are some of the very good use cases that Illumio provides, which none of the other vendors can offer in such an easy and usable way.
The most important feature is the traffic review analysis, where we use the draft view and the reported view that helps us understand how the application interacts with other applications in the environment, and based on that, we are able to define the policies.
It has increased the business for the organization. We are creating business by supporting the client. The client is getting more security and is more confident in their network because they now have the micro-segmentation feature in their environment. This is new technology and that's how it helps the organization as a whole. The clients we support are benefited, and at the same time, we are making money out of it. This is definitely a good approach.
After implementing Illumio, there has been significant progress. Most of the app owners now understand what applications are communicating, how these applications interact with others, and we are more aware of which application is talking to what other servers and applications, and their roles. For instance, whether an application is talking to the DB server or an app server. We have a more granular understanding of the traffic view. Additionally, after implementing Illumio, there is greater segmentation, and fewer incidents are occurring. There have been times when an attack was halted from expanding laterally.
What needs improvement?
Illumio can be improved if we have more interactive sessions with the tech team. The support of Illumio can be better since it's a new tool, and people can explore it more. There could also be more examples of how the automations can be done using Illumio.
For how long have I used the solution?
I have been using Illumio for the last two years.
What do I think about the stability of the solution?
The solution is very stable.
What do I think about the scalability of the solution?
It is very good. We can expand it wherever we want. We can use it in container environments, install it on servers, and integrate machines in the environment. Scaling it to a large level is not an issue for us.
How are customer service and support?
Customer support is good.
Which solution did I use previously and why did I switch?
We were about to experience Guardicore, but Guardicore was costly. Illumio is top in the market, and from a cost perspective, it is cheaper than Guardicore, so we chose that.
What was our ROI?
Time has definitely been saved.
What's my experience with pricing, setup cost, and licensing?
My experience was really good because I think it's not very expensive if we compare it with Guardicore. I believe that's a good product.
What other advice do I have?
I would advise others considering using Illumio to have a basic understanding of networking and some usage of protocols. They should be able to understand what TCP/IP is so they can look into the connections and understand what's happening. Some basic knowledge of networking is required before using Illumio, as well as the concept of micro-segmentation. We should have a proper purpose for using this tool.
I believe the additional thoughts for Illumio are that it's the best in the market. It will remain the best in the market if they continue working on addressing bugs and if customer support is helpful, friendly, and available all the time; I think nobody is going to lose Illumio at all.
We are the partner.
On a scale of 1-10, I rate Illumio a 10. It's best in Gartner. It's the top product in the market for micro-segmentation. The GUI is very simple, and I think there could be nothing better than this.
Secured my businesses from all kind cyber threats
What do you like best about the product?
The most helpful feature in Illumio is Database security and data loss protection from malware threats with the help of security auditing and security analysis
What do you dislike about the product?
I like the user friendly interface of Illumio software which easy to use for my entire team. There are no dislikes from my side as Illumio team is supportive in solving all the doubts
What problems is the product solving and how is that benefiting you?
Illumio has solved the problem of user analytics and security analytics by implementing real time user monitoring,network monitoring configuration monitoring to safeguard from data loss
Security for applications in Cloud
What do you like best about the product?
1. User friendly security filter options
2. Minimal knowledge of firewall rules is enough to use this platform
3. Traffic based mapping between workloads and internet
4. Threat Defense Mechanism to pernicious threats
What do you dislike about the product?
As of my knowledge, I dont find any dislikes or issues.
What problems is the product solving and how is that benefiting you?
Integration of network is quite easy and good. It surpasses the traditional way of making rules on firewall. Compatible with different environments of Linux, Windows OS.
Illumio Firewalling
What do you like best about the product?
Effective control on the domain controllers
What do you dislike about the product?
Complete control over the Windows domain controllers
What problems is the product solving and how is that benefiting you?
It affectively controls the access to the services offered by Domain Controllers
Advance Security that Easy to Implement and Use!.
What do you like best about the product?
Illumio has great advance Security filter options with easy to use. It is working on firewall with any OS platform like Windows, Linux, Solaris. We can use with minimal knowledge of firewall rules. PCE and VEN both can work perfectly.
What do you dislike about the product?
Nothing to dislikes. It has great features to secure networks. can make rules with minimal knowledge of firewall.
What problems is the product solving and how is that benefiting you?
With the use of PCE, we make rules on it and applied on VEN(Virtual Enforced Node) so each rules applied on system and whole networks, which is perfect solutions to remove complexity of old traditional way to make rules on firewall.
Recommendations to others considering the product:
Illumio is advance Security filter firewall which secures network with minimal knowledge of IP rules.
Illumio is best sutaible security platform for creating firewall rules.
What do you like best about the product?
The most amazing frature I like about this product is that is illumination map, which shows the traffic based mapping between workloads and internet. Admin can easily understand the services without having depth knowledge about this product although cam create rules as per requirements.
What do you dislike about the product?
There are not much dislike thing about Illumio ASP, but the logging of the applications on system could be more deeper.
What problems is the product solving and how is that benefiting you?
Looking to make the ASP compatible with docker containers as well microservices. There are so many benefits that it is compatible with different flavours of linux and unix as well windows OS.
Recommendations to others considering the product:
ASP is best to go with platform if you are looking for something that solves your customizable firewall based problem inhouse without having multiple third party services.
