Mapping Illumio to NIST SP 800-207 Zero Trust Architecture

Relying on a perimeter network security approach is no longer an effective option for securing high value assets (HVAs). Attackers will always be one or more steps ahead. Attacks are increasingly sophisticated, and the goal is to stop the lateral movement of malware. Federal agencies and commands are adopting Zero Trust as a strategy for securing their critical systems and HVAs.

This white paper reviews how llumio enables agencies and commands to achieve end-to-end Zero Trust via host-based micro-segmentation. The Illumio software architecture directly maps to the core logical components defined in NIST SP 800-207. A host-based micro-segmentation approach enables agencies and commands to plan and deploy Zero Trust that scales across multicloud and heterogeneous OS compute infrastructure. Illumio’s analysis and decision (PDP) is not in line to traffic – it does not impact application performance. Since host-based micro-segmentation is decoupled from networking constructs, you do not have to re-architect your network or SDN.