Illumio solution gains Federal certification for enterprise security management

Tech Intelligence Bulletin (HG Insights) – Illumio has completed the rigorous and comprehensive security testing and evaluation for Common Criteria certification.

Illumio’s solution is now the first segmentation solution to be certified for the National Information Assurance Partnership (NIAP) Protection Profile for Enterprise Security Management version 2.1.

Zero Trust environment

With Common Criteria certification, Illumio’s Adaptive Security Platform (ASP) meets the Information Assurance (IA) requirements for U.S. Defense agencies, Allied Defense agencies, and other regulated industries to prevent the spread of breaches inside data center and cloud environments. Furthermore, Defense agencies looking to secure their high-value assets (HVAs) and critical applications can now leverage Illumio’s platform, which allows them to implement a Zero Trust environment. Zero Trust helps address one of the biggest challenges faced in the industry – insider threats.

Isolate threats and prevent malicious acts

“Government agencies face a myriad of cyber threats not only from outside actors but also insiders such as contractors and temporary workers who inadvertently put the network at risk. In fact, the issue is of such importance that the Department of Defense recently asked the National Institute of Standards and Technology (NIST) to develop a custom security guidance document for contractors to follow to better protect unclassified and classified materials,” said Don French, Director of Federal Sales, Illumio. “With Common Criteria certification, our Adaptive Security Platform can now be leveraged by agencies to isolate threats and prevent malicious acts from moving laterally across their network to ensure the integrity of their critical data and high-value assets.”

Less expensive than traditional segmentation

Illumio’s real-time application dependency maps, vulnerability exposure insights, and security micro-segmentation work across any data center and any cloud on bare-metal servers, virtual machines, and containers. The company’s approach to cybersecurity focuses on decoupling security segmentation from the network infrastructure, greatly simplifying the creation, testing, and enforcing of security policy without impacting network performance in any way. With Illumio’s micro-segmentation solution, organizations can assure their most valued assets are protected. The approach is faster, safer, and much less expensive than traditional segmentation approaches.

In December of 2018, the Office of Management and Budget (OMB) released a memorandum outlining a new protocol for the securing of high-value assets (HVAs) for government agencies. Within the memorandum, the OMB—in conjunction with the Department of Homeland Security—cited the following elements:

  • Establishing Enterprise HVA Governance
  • Improving the Designation of HVAs
  • Implementing Data-Driven HVA Prioritization
  • Increasing the Trustworthiness of HVAs
  • Protecting Privacy and HVAs
  • Defining HVA Reporting, Assessment, and Remediation Requirements

The Common Criteria for Information Technology Security Evaluation—an international framework (ISO/IEC 15408)—defines a common approach for evaluating security features and capabilities of IT security products.