Illumio is an American business data center and cloud computing security company.
Illumio provides Adaptive Security Platform that leverages the Policy Compute Engine to form Policy rules based on metadata labels (Application, Environment, Role, Location) for all platforms. Their main challenge was to display show visibility dashboards for all the PCEs along with information about the associated metadata labels.
The Illumio App for QRadar provides couple of visibility dashboards. With traffic visibility, staff can pinpoint potential attacks and identify compromised workloads with Security Operations dashboard. Using the Investigations dashboard, admins get a single-pane-of-glass to monitor the health of all deployed and managed PCEs along with the associated labels and direction of data flow from the managed PCEs. This data helps a SOC admin get a better idea about the policy enforced and the segregation of flows according to the policy engine into allowed/blocked/potentially blocked.
Download a detailed case study to explore a solution in detail.