How Microsoft and Illumio are transforming cloud-era firewall security.

In the age of ransomware, cyber attacks, and hybrid cloud environments, traditional firewall security is no longer sufficient to protect a company or organization’s data and assets. That’s why Microsoft and Illumio, a leading provider of Zero Trust Segmentation solutions, recently partnered to offer a new integration aimed at simplifying firewall policy management for Azure users.

Illumio for Microsoft Azure Firewall, which became generally available last month, leverages the native capabilities of Azure Firewall to enable zero-trust segmentation. Zero Trust Segmentation is a security strategy that controls communications between different parts of the environment to anticipate breaches and limit the impact of cyber attacks.

Zero Trust Segmentation is based on the principle of least privilege access, meaning that only necessary and authorized connections are allowed between different workloads, devices, or networks. This means that only necessary and authorized connections are allowed between different workloads, devices, or networks. This means that in the event of a breach, an attacker cannot easily move laterally or horizontally across the environment and compromise more data or assets.

The integration will allow Azure users to easily create and manage context-based security rules that automatically adapt to dynamic changes in the Azure environment, such as scaling up or down, adding or removing resources, or updating dependencies. They can also use a simulation mode to test and validate the results and impact of security policies before they are fully implemented. This integration also provides a single pane of glass for visibility and policy across hybrid cloud environments. This means that users can see and protect all traffic flows between Azure resources and other cloud or data center assets from a single location.

According to Anne Johnson, corporate vice president of Microsoft Security, the partnership with Illumio was driven by customer demand and feedback and a shared vision of hybrid cloud security with Zero Trust “We are fully ecosystem oriented,” said Johnson. “We are completely ecosystem-focused and believe that our customers have a variety of solutions in-house to help them with their security posture. The best thing for us is to ensure that we are integrated with those solutions and that our customers receive maximum protection. Zero Trust supports the core of that,” Johnson said in an exclusive interview with VentureBeat. Johnson added that Illumio for Azure Firewall helps customers implement security policies more easily and quickly, thereby reducing risk and getting more out of their security strategy. We are excited to support Illumio and our joint customers with this frictionless approach to zero-trust segmentation.”

Illumio CEO Andrew Rubin told VentureBeat that the integration represents a key part of the story of how Illumio is bringing zero-trust segmentation to the public cloud. For our customers, it’s a universal fact that hybrids are the future,” he said. It is today, tomorrow, and forever. And the reality is that the definition of hybrid will vary from company to company and organization to organization,” Rubin said. Rubin explained that Illumio’s technology simplifies the process of creating context-based security rules by using a policy engine that can understand and manage all assets and public cloud infrastructure. He said, “What we’ve done is make sure that policies are always instantiated in the right way, even as they are written as you scale up and down your Azure environment or as you move public cloud environments over time.”

Rubin also stressed the importance of zero-trust segmentation as a key control to limit the spread and damage of ransomware attacks, which have become one of the biggest concerns for businesses in recent years. Ransomware is indiscriminate, it strikes everyone, and when it lands, it spreads quickly. So ransomware has caused a shift in mindset about what threats we need to protect against. Of course, we want to stop it before it happens. But if we miss it, how far can it spread and how devastating can it be?” Rubin said he expects the partnership with Microsoft to grow and evolve based on customer feedback and demand. We need to protect our customers’ public cloud assets in the exact same way we have protected their data center and endpoint assets for years. This is a great way for us to begin that journey. And our hope is that our customers will drive us to integrate even deeper,” he said.

The Microsoft-Illumio partnership reflects a broader trend in the cybersecurity industry to adopt a zero-trust mindset and strategy. Zero Trust assumes that breaches are inevitable and focuses on minimizing their impact by validating all requests and connections before granting access. This is in contrast to the traditional perimeter-based security model, which relies on firewalls and other devices to create boundaries between trusted and untrusted networks.

However, implementing a zero-trust strategy is not without its challenges. As Johnson points out, many of the problems have more to do with workflow and policy than technology. Many of the problems we face in implementing a zero-trust policy actually have more to do with workflow policies than with technology. And that’s because it fundamentally changes the way we work. So if we can make it easier for people to actually adopt technology that supports that change and the way they work, it’s better for our customers and a frictionless environment,” she said.

The Illumio for Azure Firewall offering aims to address some of these challenges by reducing the friction and complexity of policy creation and management and allowing customers to focus on the cultural and workflow aspects of zero-trust. Illumio for Azure Firewall also integrates with native Azure Firewall functionality to maximize the value and impact of Azure Firewall as a security investment for customers.

Source : https://venturebeat.com/security/how-microsoft-and-illumio-are-reinventing-firewall-security-for-the-cloud-era/