The title of this blog post is accurate and illumio killed it with their #NFD19 presentation. In order to get the attention of your audience, you have to keep them engaged! Do yourself a favor, subscribe to the Tech Field Day YouTube channel below and you’ll understand where I’m coming from.
The representatives from illumio included:
- PJ Kirner, CTO and Founder
- Wendy Yale, VP of Marketing
- Matthew Glenn, VP Product Marketing (pictured above)
- Anand Ghody, Technical Marketing Engineer
Wendy provided us with an illumio overview. The company was founded in 2013 but went to market in 2014. The focus of the company is Micro-Segmentation (aka Cyber Resilience), which breaks the data center down into smaller segments and, by doing so, reduces the attack surface.
Why is this necessary? Please consider the following cybersecurity statistics:
- 225%+ breach increase since 2010
- 172 days average bad actor dwell time
How can illumio help? It prevents the spread of breaches inside the data center and cloud. illumio's Adaptive Security Platform starts with real-time visibility, including application dependency mapping that tells you what is communicating inside your environment, with the end goal of telling you what should or should not be communicating. It also includes vulnerability mapping to show where connections are most vulnerable.
The PCE Supercluster was described by PJ Kirner as a federated security control plane for 100,000+ workloads. It includes a global security policy and real-time app dependency mapping with automated disaster recovery for global security policies. Illumio’s architecture is 100% software delivery (no hardware required) and includes the following components:
- VEN (Virtual Enforcement Node) – an agent that gets installed on workloads (datacenter or cloud environments). Supports Windows and Linux workloads.
- PCE (Policy Compute Engine) aka the Central Brain. The PCE compiles instructions and then pushes the policy back to the VENs to implement/execute; the controls are then implemented as iptables rules or through the Windows Filtering Platform.
- ASP (Adaptive Security Platform) activates and controls the sensors and environment points that you already own while also collecting data.
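A conceptual sketch of the compile step described for the PCE and VEN, as an added example that is not illumio's code or policy model: a central function turns an allow-list into per-workload iptables INPUT rules ending in a default drop. The label scheme, workload names and addresses are constructed assumptions.

```python
# Conceptual sketch only: label-based rules compiled into per-workload
# iptables rules. All names, labels and addresses are constructed samples.
from dataclasses import dataclass


@dataclass(frozen=True)
class Workload:
    name: str
    ip: str
    labels: frozenset  # e.g. {"role:db", "env:prod"}


@dataclass(frozen=True)
class Rule:
    consumer: frozenset  # labels the source workload must carry
    provider: frozenset  # labels the destination workload must carry
    proto: str
    port: int


def compile_inbound(target, workloads, rules):
    """Return the iptables INPUT rules for one workload (default deny)."""
    lines = ["-A INPUT -i lo -j ACCEPT",
             "-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"]
    allowed = set()
    for r in rules:
        if not r.provider <= target.labels:
            continue  # this rule does not protect the target workload
        for w in workloads:
            if w is not target and r.consumer <= w.labels:
                allowed.add((w.ip, r.proto, r.port))
    for ip, proto, port in sorted(allowed):
        lines.append(f"-A INPUT -s {ip}/32 -p {proto} --dport {port} -j ACCEPT")
    lines.append("-A INPUT -j DROP")  # anything not explicitly allowed is dropped
    return lines


WORKLOADS = [
    Workload("web1", "10.0.1.10", frozenset({"role:web", "env:prod"})),
    Workload("web2", "10.0.1.11", frozenset({"role:web", "env:prod"})),
    Workload("db1", "10.0.2.20", frozenset({"role:db", "env:prod"})),
    Workload("dev1", "10.0.9.30", frozenset({"role:web", "env:dev"})),
]
RULES = [Rule(frozenset({"role:web", "env:prod"}),
              frozenset({"role:db", "env:prod"}), "tcp", 5432)]

if __name__ == "__main__":
    for w in WORKLOADS:
        print(f"# {w.name}", *compile_inbound(w, WORKLOADS, RULES), sep="\n")
```

Only the two production web workloads end up in the database's allow-list; the dev workload matches the role label but not the environment label, so its traffic falls through to the final DROP.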
The PCE Supercluster was designed for Global Enterprise Reliability, which includes High Availability (HA) and Disaster Recovery (DR), and for global enterprise scale, and it is deployed in production at scale today. The benefits of PCE are listed below:
- Broader width for policy updates that includes faster propagation of policy to a large number of workloads
- Local vs. Global balanced
- Supporting global connected applications
- Also optimized for applications that may be local to a region
- Greater control of PCE cluster placement
- Enabling local pairing with global policy
- Central configuration of non-policy PCE settings
- Continued separation of infrastructure from security policy
- Supports fault isolation
Why do other architectures fail? A few examples are listed below:
Single centralized system:
- Won’t scale
- WAN bandwidth impacts the collection of data
- Risky “Placing all of your eggs in ONE basket”
- Burden of synchronization across disconnected control planes is the customer’s responsibility
- Workload and policy objects
- Cross region flows policy needs to be handled multiple times
- Lack of organization-wide visibility is a challenge for policy creation/validation
To close out the presentation, Matthew Glenn and Anand Ghody worked perfectly in tandem as they provided the Tech Field Day delegates 5 (YES FIVE) demos of PCE, which can be delivered via SaaS or On-Premises (2×2 or 4×2 cluster options). The demos included a three-region Supercluster with a fourth region as a disaster cluster. The names of the demos are listed below with a hyperlink for your convenience.
- Global Visibility and Policy Propagation
- Global Policy Portability-Application Disaster Recovery
- Intra-Region PCE Resiliency
- PCE Supercluster Disaster Recovery – Inter-Region
- Vulnerability-Based Segmentation
Please take a moment to subscribe to the YouTube channel which also includes watching the various videos that were posted throughout the day. Kudos to PrimeImage Media for recording the live sessions.