30 Fabulous Companies of the Year 2020

Illumio – One platform for visibility and control acrossthe data center and cloud environment


Segmentation is the best way to prevent the spread of breaches inside data centers and cloud environments. Traditional network segmentation, well understood by security and infrastructure teams, was designed to subdivide the network into smaller network segments through VLANs, subnets, and zones. Although these constructs can provide some isolation, their primary function is to boost network performance and requires control of the infrastructure, which is often a challenge in the public cloud.

Illumiois one such firm thathas developed adaptive micro-segmentation technology that prevents the spread of breaches inside any data center and cloud.Founded in 2013 by successful security industry pros, Illumio started with the mission that security should be the enabler — not the roadblock — to agile computing in both traditional data centers and public clouds. To build the most comprehensive and continuous security platform for the world’s most demanding organizations. The management team was recruited from industry leaders in the security and computing world including Cisco, Juniper, VMware, Nicira, McAfee, Fortify, and Riverbed. They bring with them the knowledge and well-earned track record to make Illumio the new foundation for cloud and data center security.

What does adaptive micro-segmentation give you?        

Segmentation Your Way

Illumio’s adaptive micro-segmentation technology lets you choose the level of segmentation that is right for your environment. The firm offers the widest range of segmentation options available without all the manual work normally associated with traditional segmentation.

With Illumio, you set up segmentation policies once and then they:

  • Work seamlessly between your data center and the public cloud.
  • Automatically stay in place as your applications move between environments and locations, or auto-scale up/down.
  • With the Illumio Policy Compute Engine (PCE) managing segmentation enforcement, your rule management overhead is eliminated for internal data center and cloud security.

Many vendors in the security industry offer greater "visibility" to your network. Illumio uniquely provides real-time application dependency and vulnerability maps across all your data center and cloud environments showing traffic flows, and which applications are connecting to vulnerable ports. This real-time visibility provides a foundation for creating the ideal micro-segmentation strategy.

Products furnished by Illumio that are unique

Adaptive Security Platform

The Illumio Adaptive Security Platform® (ASP) delivers real-time application dependency mapping and security segmentation to stop lateral movement inside data centers and cloud environments.Illumio ASP is uniquely designed to enable you to use the enforcement points that already exist in your infrastructure to improve your data center and cloud security. No additional hardware or re-architecting your network.It provides visibility into the connectivity between workloads across heterogeneous compute environments, generates optimal security segmentation policies based on how workloads communicate, and programs the native Stateful enforcement points in each host to enforce applicable firewall rules.

Virtual Enforcement Node (VEN)

Not just any lightweight agent – acting more like an antenna than an agent, the VEN is a core component of Illumio ASP. It sends and receives information, programs pre-existing enforcement points, and detects policy violations.

Policy Compute Engine (PCE)

It is the "brain" of Illumio ASP. The PCE builds a live map using the information shared from the VEN showing how applications are communicating and creates optimal security policies based on those insights.


Illumination® is a real-time application dependency map that visualizes communications between workloads and applications. It delivers insights on the connectivity within data centers and cloud environments and is the basis for building and testing micro-segmentation policy. Illumination takes live telemetry data provided by Virtual Enforcement Nodes (VENs) to visually display traffic flows between applications and workloads and the processes that comprise them.

The mastermind behind the masterstroke

ANDREW RUBIN is the founder and also serves as the Chief Executive Officer of Illumio. Mr. Andrew is responsible for the overall strategy, vision, and funding of Illumio. With expertise in the areas of network security and compliance management, Andrew is a frequent participant in panels, articles, and podcasts for leading industry events and publications. Goldman Sachs has named Andrew as one of the "100 Most Intriguing Entrepreneurs" in 2015, 2016, 2017, and 2019 as part of the Builders & Innovators program.

Prior to Illumio, Andrew has serves as the president of Cymtec and led Business Development for VoiceNet, where he was responsible for sales strategy, business development activities, and customer relationship management. Andrew graduated from Washington University in St. Louis with a BSBA in Finance.

“Illumio has developed adaptive micro-segmentation technology that prevents the spread of breaches inside any data center and cloud.”