Adaptive security company Illumio, the just released Illumio Security Templates, offering ready-to-use security policies for core data center and cloud applications. They are pre-made to secure common applications, providing segmentation without having to reconfigure the network.
These templates can be quickly used to secure applications including Exchange, Microsoft Active Directory, Microsoft SharePoint, Microsoft SQL Server and MongoDB rapidly.
These tested and validated policy packages are downloadable, and they provide all the segmentation rules required to write a security policy for common enterprise applications or application components.
A lot of programs, regardless of whether they are used in existing data centers or cloud computing environments such as Amazon Web Services, Microsoft Azure, or Google Compute Engine, need IT to constantly write fresh policies for every application and its parts by plumbing the allowed IP addresses and port/process connections for each service. This method takes a lot of time, and leaves room for errors, which can cause delays and security issues that often add days or weeks to the deployment process.
Vice President of Product Management, Matthew Glenn, explains, “Illumio’s Security Templates let security and operations teams be as agile as they need to be.”
He goes on to state, “With ‘push-button’ policies, IT no longer needs to laboriously create manual (and error-prone) segmentation rules in switches and firewalls from scratch. Our security templates take the work out of categorizing applications, or modifying the network to secure these critical applications. Applying pre-tested rule sets rapidly and accurately enables truly adaptive segmentation approaches for applications.”
What this means for security
According to Illumio, in Windows Server areas, the new template method is especially useful, where process awareness in firewalls and network-based security technologies is poor, hampering the ability of these solutions to correctly segment and secure applications. It also takes time to fully understand how these applications operate before writing firewalls rules.
To get the same type of security provided by Illumio Security Templates with a network solution demands opening a large range of ports on the servers, which can increase the attack surface of the environment. The Illumio Adaptive Security Platform (ASP)™ harnesses the specific process and path used by the server, rather than dynamic ports, and applies the exact set of segmentation rules required for complete security.
Illumio Security Templates also take the guesswork out of security, since they have already been studied to be sure that they do not break applications. Security templates let organizations extend their Active Directory domains up to the public cloud without having to put security at risk.
The way it works is by enabling Illumio ASP to tightly bind a segmentation policy around an application, which can then be sent quickly across a range of critical servers and applications.