Illumio is taking a different approach to application security – controlling access to protected applications and the data they manage. The company has enhanced its Adaptive Security Platform (ASP) by integrating with Microsoft’s Active Directory groups. Unauthorized communications with Illumino-protected applications would be prevented. The company presents this as “Illumio ASP now can govern how hundreds of millions of users connect to applications across data centers, clouds or hybrid-cloud compute environments.”
This capability appears to be an interesting extension of security practices.
I’m reminded of an interesting discussion I enjoyed with Fortscale’s Chief Marketing Officer, Bert Rankin, about Fortscale 2.0 and the use of behavioral analysis of log information as a way to detect both insider and external security attacks. (See Applying Behavioral Analysis to Security for more information on that discussion) It is increasingly clear that it is necessary to use a much more detailed analysis of what is happening to unearth and protect against today’s very subtle security threats.
If Microsoft’s Active Directory is central to an enterprise IT environment, Illumio’s new capability would appear to be compelling. Access to supported applications would be denied to unauthorized users. Enterprises, however, are increasingly relying upon other platforms.
This means that Illumio’s adaptive user segmentation would be very helpful for only a portion of the enterprise’s applications. Those applications executing elsewhere, such in a Web-based environment executing on Linux or in a non-Microsoft cloud computing environment.