Illumio adds Qualys vulnerability data into their platform’s map of application communications

The Qualys data will strengthen the microsegmentation capabilities of the Illumio platform, which maps out the relationships between applications, and programs security enforcement to defend against threats which breach the perimeter.

The East-West exposure score

Sunnyvale CA-based Illumio has announced a significant partnership with Qualys which will add Qualys’ vulnerability mapping capabilities to the Illumio Adaptive Security Platform, which maps out the relationships between the applications in their network environment. The addition of this vulnerability and threat data to the Illumio application dependency mapping will show now potential attack paths in real time, and reveal connections to vulnerabilities within and between applications. That in turn will improve the ability of the Illumio platform to generate policies that prioritize patching and reduce risk.

“Our technology utilizes microsegmentation, which is a growing area of opportunity in enterprise security software,” said Jim Yares, Illumio’s SVP of Global Field Operations. “Most organizations are not watertight compartments. While their perimeters are fairly secure, they are harder to define, and they are still likely to be breached at some point. Stopping the breach from moving laterally once inside is the challenge.”

Yares said that while the idea of compartmentalizing the environment is not new – zones and VLANs, or the use of traditional firewalls, notwithstanding the fact that the latter are really meant for perimeters, all address this. However, he said that Illumio provides this microsegmentation in a more elegant way.

“You can’t do effective microsegmentation without a map of how apps communicate with each other,” Yares said. “Companies tend to have a map of their network environment, but not their apps. They already own the enforcement points they need to protect these  – in Windows it’s the Windows Filtering Platform – but  they just don’t use them, because they are too hard to manage.”

Illumio’s technology is designed to overcome this problem.

“We make a lightweight agent, that sends what it sees happening to our policy compute engine, the second piece in our solution, which is its central brain,” Yares explained. “This central brain knits together a dynamic real-time map that determines what security policies are needed, and that is used to program security policies to the enforcement points that aren’t normally used. The agent is both a sensor and a control point. The central brain creates the map, and tells the agents how to behave. It all makes the microsegmentation very easy.”

“This architecture allows us to have one map and one policy for the whole hybrid environment,” said Mukesh Gupta, Senior Director of Product Management at Illumio. “With one security policy, you can enforce on all workloads, which is the unique approach we bring.”

Illumio, which was founded in 2013, started out in the banking and financial services sectors, as well as the online and Web-scale markets. More recently, they have acquired a presence in the regulatory compliance market.

Illumio’s go-to-market strategy involves extensive strategic partnering with other vendors. Yares said that nature of the Qualys partnership sets it apart, however.

“I think this integration is unique,” he said. “Other technology partnerships allow us to cover more devices. For example, F5 makes load balancers and their partnership with us puts their load balancers on our dependency map.  The more places we can put our agents, the more information we get. Qualys, however, has a very big chunk of the vulnerability management market. So they add insight to our application map in a way that we haven’t had before.”

Yares said that the Qualys partnership will provide Illumio customers with a better understanding of the risks they face.

“We can take their vulnerability data on things like a lack of patching, or violations of password rules, and overlay it onto our map to understand risks in a different way,” he indicated. “It can give vulnerability management teams more insight into what they should patch first. That will create tremendous synergy for companies.”

The Qualys data has allowed Illumio to provide customers with an exposure score for their East-West traffic.

“The East-West exposure score is based on that map, and quantifies the risk, by determining how many other workloads connect to a given workload,” Gupta said. “The higher the score, the more vulnerable you are. We then use microsegmentation to restrict the number of workloads that can connect until patches are available.”

The new capability should enhance opportunities for Illumio’s channel, which is already involved in most of their deals.

“The overwhelming majority of sales we make go through resellers and channel partners,” Yares said. “That includes big global players like WWT and IBM, as well as regional or speciality players. Microsegmentation is a real opportunity for the channel, and this adds a new area of opportunity and revenue that they haven’t had before. It builds nicely on their revenue around firewalls and networking.”

The company made a major investment in its channel infrastructure last year.

“We made a very big push last summer to revamp our global partner program and expand it, quadrupling the teams,” Yares said. “There is now much more structure in the program, and more resources for opportunity management and enablement. We are also making a big push into Canada, expanding our presence there with a local team. That will go online next month.”