Illumio Adds Agentless Security with CloudSecure
Security platform provider Illumio has been offering a form of “zero trust” security since its founding in 2013, and now the company is bringing some of the same features it provides in its core offering to the public cloud, with this week’s launch of Illumio CloudSecure. Illumio uses a submarine and its method for containing leaks with compartmentalization as a metaphor for its approach to security, which similarly seeks to contain breaches using what it calls “microsegmentation”.
Illumio Core uses an agent to provide insight into application environments and to provide this microsegmentation, but, according to PJ Kirner, chief technology officer and co-founder at Illumio, three recent trends have driven Illumio to launch CloudSecure.
First, the move to managed services, whether Kubernetes or databases or otherwise, has taken many applications into environments where Illumio’s traditional agent-based service is not applicable. Second, the increase in infrastructure-as-code and DevOps practices has led to an increasing number of individuals involved in building infrastructure, which can make it more difficult to understand and unravel. Third, companies have continually moved to become multicloud and hybrid, whether because of compliance reasons, logistical necessities of their particular operations, or to take advantage of the various benefits of various public cloud providers.
“Agents have the value of being able to reach into the operating system to understand what’s going on closer to the application, but there’s places you can’t put agents, so you need an agentless-based solution as well,” said Kirner. Illumio brings both of those things to the table, and provides that uniform visibility across all kinds of environments, whether they be managed or your AIX server from a long time ago.”
The end result of these three trends, explained Kirner, is increased complexity and an inability for companies to not only understand their hybrid multicloud environments but also for Illumio Core to provide insight and protection there. Illumio CloudSecure does three particular things to solve this, said Kirner.
“In an agentless way, it collects whole object metadata and flow telemetry from your public cloud environments — it reaches in with read-only access, and kind of understands what your public cloud environment is. It then, secondly, builds a model and, and most importantly a map, to understand how all these components are working together,” said Kirner. “And then the third thing it does is it looks at the native cloud security controls, and recommends risk optimized rules, and then uses infrastructure as code patterns to help people automate those controls.”
Illumio CloudSecure, therefore, provides similar functionality to Illumio Core, but in an agentless manner for both Amazon Web Services (AWS) and Microsoft Azure, with Google Cloud Platform on the horizon for 2022.
“These two solutions, Illumio Core and CloudSecure, can actually complement each other,” said Kirner. “That map can actually be populated by both of these solutions together, and so that’s where you can solve some of the hybrid problems. We can get agent-based telemetry, and you can see how that’s talking to these Lambda functions that are inside your VPC, and have that all in one kind of uniform single pane of glass.”
Looking ahead, Kirner said that there are “other contextual elements that we want to bring into the fold,” such as bringing risks and vulnerabilities directly into these maps, thereby providing “a deeper, richer set of context in which to make these security decisions.”