When organizations have data centers scattered throughout the country and also rely on the public cloud, the enforcement of micro-segmentation policies is critical for enterprise security. Illumio is helping companies deploy these types of solutions with the introduction of its PCE Supercluster. It offers a micro-segmentation and visibility solution that scales well beyond 100,000 workloads.
“Security solutions that cannot scale with an organization’s infrastructure put the burden on customers to make sacrifices that can result in security gaps. When we read different breach reports, these misconfigurations can be the point of entry for bad actors,” says Matthew Glenn, vice president of product management, Illumio. “The beauty of PCE Supercluster is that for the first time IT organizations have full global visibility, centralized management, and consistent enforcement of micro-segmentation policies across multi-region infrastructure at very large scale – finally, true global application workload protection through micro-segmentation.”
Global enterprises have thousands to hundreds of thousands of workloads sprawled across a combination of private and public clouds with bare-metal, virtual machines, and containers. The traditional approach to segmenting global data centers uses any combination of VLANs, data center firewalls, SDN, and other networking technologies that are complex to deploy, operate, and manage. Keeping track of VLANs, IP addresses, subnets, and managing policies as well as firewall rules requires a virtually endless treadmill of infrastructure re-architecting to keep pace with application security needs.
In contrast, PCE Supercluster enables micro-segmentation without any dependency on the network to deliver:
- Global real-time application dependency mapping and visibility across all data center and cloud workloads.
- Micro-segmentation security policies that follow the workloads everywhere at a global scale.
- A federated security control plane that scales to hundreds of thousands of workloads.
- Automated disaster recovery for global security policies.
- Alignment of Zero Trust security practices with fault isolation, high availability, and disaster recovery objectives.