How Microsoft and Illumio are reinventing firewall security for the cloud era

5 min read

Head over to our on-demand library to view sessions from VB Transform 2023. Register Here

In the age of ransomware, cyberattacks, and hybrid cloud environments, traditional firewall security is no longer enough to protect the data and assets of businesses and organizations. That’s why Microsoft and Illumio, a leading provider of Zero Trust Segmentation solutions, have recently partnered to offer a new integration that aims to simplify firewall policy management for Azure users.

Illumio for Microsoft Azure Firewall, which became generally available last month, leverages the native capabilities of Azure Firewall to enable Zero Trust Segmentation, a security strategy that assumes breach and limits the impact of cyberattacks by controlling the communication between different parts of the environment.

Zero Trust Segmentation is based on the principle of least-privilege access, which means that only the necessary and authorized connections are allowed between different workloads, devices, or networks. This way, if a breach occurs, the attacker cannot easily move laterally or horizontally across the environment and compromise more data or assets.

The integration allows Azure users to easily create and manage context-based security rules that automatically adapt to the dynamic changes in the Azure environment, such as scaling up or down, adding or removing resources, or updating dependencies. Users can also test and validate the outcome and impact of their security policies before fully enforcing them using a simulation mode, which protects applications and workloads from potential misconfigurations or disruptions.


VB Transform 2023 On-Demand

Did you miss a session from VB Transform 2023? Register to access the on-demand library for all of our featured sessions.


Register Now

The integration also provides a single pane of glass for visibility and policy across hybrid cloud environments, which means users can see and secure all traffic flows between Azure resources, as well as other cloud or data center assets, from one place.

According to Ann Johnson, corporate vice president at Microsoft Security, the partnership with Illumio was driven by customer demand and feedback, as well as a shared vision of Zero Trust and hybrid cloud security.

“We are completely ecosystem-focused from the standpoint that we believe that customers will have a variety of solutions in-house that will help them with their security posture. The best thing for us to do is make certain that we are integrated with those solutions, so that they can have the customers can have the maximum protection. Zero trust is a core underpinning of that,” Johnson said in an exclusive interview with VentureBeat.

Johnson added that Illumio for Azure Firewall will help customers reduce their risk and get more impact from their security strategy by implementing security policy more easily and quickly. “We are thrilled to be able to support Illumio and our joint customers with this frictionless approach to zero trust segmentation,” she said.

Andrew Rubin, CEO of Illumio, told VentureBeat that the integration represents a major piece of Illumio’s story of how it brings zero trust segmentation to the public cloud. “For our customers, the one thing that I think we all agree is universally true, is that hybrid is the future. It’s today, it’s tomorrow, it’s forever. And the reality is hybrid is going to be defined differently in every enterprise in every organization,” Rubin said.

Rubin explained that Illumio’s technology simplifies the process of authoring context-based security rules by using a policy engine that can understand and manage all the assets and public cloud infrastructure. “What we did was we made sure that as policy is written as the public cloud environment as the Azure environment scales up and scales down and moves over time, that the policies are always going to remain instantiated, the right way,” he said.

Rubin also emphasized the importance of zero trust segmentation as a key control to limit the spread and damage of ransomware attacks, which have been one of the top concerns for businesses in recent years. “Ransomware is an indiscriminate event, it’ll go after anyone, and it’ll spread as quickly as it can when it lands. So there was a mindset shift that ransomware drove around, what is the threat were protecting? Of course, we want to stop it before it happens. But when we miss, how far can it spread, and how catastrophic can it become?” he said.

Rubin said that he expects the partnership with Microsoft to grow and evolve based on customer feedback and demand. “We need to be protecting the public cloud assets of our customers exactly the same way that we’ve protected their data center and endpoint assets for years. This is an incredible way to start that journey for us. And what we hope what we expect is that our customers are going to drive us to integrate more deeply,” he said.

The partnership between Microsoft and Illumio reflects a broader trend in the cybersecurity industry towards adopting a zero trust mindset and strategy. Zero trust assumes that breaches are inevitable and focuses on minimizing their impact by verifying every request and connection before granting access. This contrasts with the traditional perimeter-based security model, which relies on firewalls and other devices to create a boundary between trusted and untrusted networks.

However, implementing a zero trust strategy is not without challenges. As Johnson pointed out, many of the issues have more to do with workflow and policy than technology. “A lot of the implementation issues with folks have in playing a zero trust policy actually have more to do with workflow policy than they do with technology. And because you’re changing the way they work fundamentally. So the easier we can make it for folks to actually implement technology to support that change and how they work, the better for the customers and the frictionless environment,” she said.

The availability of Illumio for Azure Firewall aims to address some of these challenges by reducing the friction and complexity of policy creation and management, and enabling customers to focus on the cultural and workflow aspects of zero trust. By integrating with the native capabilities of Azure Firewall, Illumio for Azure Firewall also maximizes the value and impact of Azure Firewall as a security investment for customers.

VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.

Source link