Sold by: Illumio
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Illumio Zero Trust Segmentation (ZTS) Platform is the only solution that handles it all: Endpoint-Endpoint, Endpoint-Server, Server-Server, as well as extensive support for cloud workloads, containers, IoT, and OT devices. Empowering organizations to be more resilient for whatever may come their way. ZTS contains the spread of breaches and ransomware across the hybrid attack surface by continually visualizing how workloads and devices are communicating, creating granular policies that only allow wanted and necessary communication, and automatically isolating breaches by restricting lateral movement proactively or during an active attack.
In addition, Illumio ZTS includes the Illumio Virtual Advisor (IVA) which provides actionable, AI driven guidance for even the most complex tasks. With IVA, teams can streamline their workflows with instant, expert-level answers to their questions. Quickly access critical information and achieve complex tasks simply by asking the virtual advisor.
4.5
Overview
Illumio Breach Containment Platform provides comprehensive mapping of traffic telemetry across hybrid multi-cloud environments and endpoints for applications, data, and cloud workloads. This visualization allows security teams to uncover unnecessary connectivity that increases risk. With the Illumio Breach Containment Platform, you can easily know if you are at risk of an attack or currently under attack. Detailed context-based label descriptions of objects guides teams as they create policies, based on applications' components and relationships. With Illumio, teams can make faster, more informed decisions about what traffic to segment to proactively maintain a strong security posture or reactively isolate a breach.
Illumio Breach Containment Platform is made up of these solutions:
Illumio Insights for visibility and incident response. Quickly identify risk, detect attacks, and contain threats with a single click. Empower security teams to protect critical assets and respond instantly.
Illumio Segmentation for cloud and on-premises data center workloads. Limit an attacker's ability to travel across lateral traffic with proactive policy controls that limit the exposure of valuable assets
Highlights
- See risk Visualize all communication and traffic between workloads and devices across the entire hybrid attack surface. Gain visibility with real-time telemetry and data, understand application communications, security policy, usage, access and security exposure with a comprehensive map of traffic flows.
- Set policy Comprehensive monitoring and simplified labeling that helps eliminate blind spots by automatically setting granular and flexible segmentation policies that control communication between workloads and devices to only allow what is necessary and wanted.
- Stop the spread Proactively isolate high-value assets or reactively isolate compromised systems during an active attack to stop the spread of a breach by programming dynamic workload policies for hybrid multi-cloud networks and endpoints, and applying automated policy recommendations.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Trust Center
Access real-time vendor security and compliance information through their Trust Center powered by Drata or Vanta. Review certifications and security standards before purchase.
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
ISO27001
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Illumio Breach Containment Platform | Price per 250 secured workloads + Breach Containment Platform | $109,000.00 |
100 CloudSecure Workloads | Price per 100 public cloud workloads | $38,400.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Illumio provides customers with 24/7 support by phone, email, and through our support portal. +1 888 631 6354, support@illumio.com ,
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Illumio
By Zscaler, Inc.
Top
50
In Security Observability, Device Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Real-time Traffic Visualization
Comprehensive mapping and visualization of all communication and traffic flows between workloads and devices across hybrid multi-cloud environments and endpoints with real-time telemetry data.
Granular Segmentation Policy Creation
Automated generation and application of granular, context-based segmentation policies that control communication between workloads and devices to allow only necessary and wanted traffic.
Multi-Environment Workload Support
Support for diverse workload types including endpoint-to-endpoint, endpoint-to-server, server-to-server communications, cloud workloads, containers, IoT devices, and OT devices across hybrid architectures.
Dynamic Breach Isolation
Proactive and reactive isolation capabilities that restrict lateral movement by programming dynamic workload policies and applying automated policy recommendations during active attacks or for high-value asset protection.
AI-Driven Policy Guidance
Integrated artificial intelligence-driven virtual advisor that provides actionable recommendations for policy creation and complex segmentation tasks through natural language interaction.
Network Policy Enforcement
Fine-grained network policies that limit egress traffic by IPs, domains, and IP CIDRs with automatic namespace boundary identification and policy recommendations for namespace isolation.
Egress Traffic Management
Egress Gateway functionality that assigns static IP addresses to egress traffic from Kubernetes pods for integration with firewalls and tools requiring static IP identification.
Ingress Traffic Management
Ingress Gateway using Gateway API standard with integrated Envoy Gateway for comprehensive security and observability of ingress traffic.
Multi-Cluster Network Security
Centralized network security management across multiple Kubernetes distributions supporting individual and multi-cluster deployments in cloud and on-premises environments.
Network Observability and Risk Mitigation
Observability and risk mitigation capabilities for detecting and mitigating security breaches across all types of network traffic including egress, ingress, in-cluster, and cross-cluster communication.
Zero Trust Architecture
Cloud-native zero trust platform that applies zero trust principles to eliminate attack surface and prevent lateral movement across users, applications, and infrastructure.
AI-Powered Threat Detection
AI-powered cyberthreat and data loss prevention services that detect and prevent advanced threats, accidental exposure, theft, and ransomware attacks.
Next-Generation Network Access
Next-generation zero trust network access (ZTNA) platform enabling seamless and secure connectivity to private applications, services, and operational technology devices.
Data Loss Prevention
Data protection capabilities preventing data loss from users, SaaS applications, and public cloud infrastructure through comprehensive loss prevention policies.
End-to-End Digital Experience Monitoring
End-user perspective monitoring and visibility across device, ISP, cloud proxy, and application layers to optimize performance and identify application, network, and device issues.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
reviewer2333424
Zero-trust visibility has transformed OT security and now manages critical network risks safely
Reviewed on Jun 24, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Illumio Segmentation is security and visibility, as I am able to get a lot of visibility in networking, even in sites I don't know about, and it is a strong security solution.
For example, I am using Illumio Segmentation for visibility. If you have the Illumio agent in a network, even on devices that are not manageable, they will be able to understand the traffic around them, bringing information about the networking and remote networking to your operation. On the security side, Illumio Segmentation is a zero-trust operation, so it does not allow a connection that is not explicitly allowed. By default, it blocks everything. Nowadays, the best case I have is with OT environments in manufacturing that block every network that is not allowed to work inside the OT devices.
What is most valuable?
Zero-trust is the default operation with Illumio Segmentation. When you start to deploy it, you already begin to listen for the traffic that should not be allowed, because Illumio Segmentation by default is zero-trust but not enforcement. As you start Illumio Segmentation, you begin to see what happens in the networking and what kind of traffic you should not allow to work. It is easy to deploy and understand what happened, and very easy to go and block everything if you want. Additionally, because of the visibility correlation, if you define one asset to not be able to receive some kind of traffic, it is ready to make a correlation with the source of the traffic to look for other assets that receive the same kind of traffic, helping to understand what happened in your network. The zero-trust and visibility operations are incredible features, and I think it is the best way to use that.
Illumio Segmentation is deployed in my organization in a hybrid cloud environment, and I have another customer who operates totally in the cloud. The product fits very well in both cases, as it is very strong in that aspect. I can say it is the best solution on the cloud because it is the only one that really has features from Oracle, making it adaptable in all environments.
Illumio Segmentation has had a positive impact on my organization, as it has created a very impressive impact because it is a worldwide operation. Even though they deployed it only in Brazil, they are already looking to expand to other countries because of the results. They are achieving amazing results, specifically because on the OT side, the features of Illumio Segmentation are very easy to deploy and have no impact on operation.
I have seen specific results since deploying Illumio Segmentation, such as better visibility and less risk, because nowadays they know what kind of traffic happens in the OT environment and have already blocked it. They are not sure what could happen because they blocked that. Now, they are able to understand what happens in networking without risks. I am talking about an operation where a failure can lead to a disaster, such as an explosion or electrical power crash. Last year in this company, there was a very high incidence involving damage to people, but nowadays they feel more confident that they can manage the risks in the operation.
In my opinion, the best features Illumio Segmentation offers are that it is not an inline solution; it is an application, allowing you to start and stop Illumio Segmentation, rebuilding everything without stopping the services on the operation or the environment. It is a transparent operation, and the zero-trust and monitoring features are incredible, making it a very easy solution that does not consume a strong fingerprint, resulting in less CPU and less memory.
What needs improvement?
I would appreciate if Illumio Segmentation's interface were better. It is good enough to manage the operation and get the visibility, but when looking for data regarding licenses and expansion management, not operational points, it could be improved.
I do not have anything more to add about the needed improvements at this point because I know they have made some changes in the last three to six months, and I have not had time to closely look at the details regarding those changes. I can speak about this in the next three months at least, once I have more details about the results.
For how long have I used the solution?
I have been using Illumio Segmentation for around three years.
What other advice do I have?
I want to add that Illumio Segmentation works at an application level, so the manager of the network is able to stop Illumio Segmentation. Of course, that is not a security risk because Illumio Segmentation sends alerts in this case. The main point is that the operation is working, and if you have any single point of failure, you are able to turn that off. Illumio Segmentation does not impact the operation unlike other vendors that have inline solutions; it is a service solution. Therefore, it is easy to manage the environments, specifically OT environments that have many restrictions, making it very useful for...
Regarding Illumio Segmentation's AI capabilities, I think we need to go inside another product from Illumio called Insight; it is not the segmentation. On the segmentation side, I can only say it is not a real AI solution, but they have some kind of intelligence to understand the networking, the traffic, and the visibility. However, for true AI capabilities, the solution leads to the Insight product, which identifies risks in networking correlated with global attacks; it is a feature from Illumio, but it requires an additional purchase.
I advise others looking into using Illumio Segmentation to plan before starting, since you need to understand the size of your deployment, especially if you are going into the cloud. Integration with the cloud is very easy, but if you do full integration, you are going to pay for all assets in the cloud. Be careful about what you intend to accomplish before you start so you do not get a surprise on the price. It is not an expensive product, but if you have too many assets and you do not account for the number of assets, you might be surprised, especially if you bundle it with endpoint solutions. I have given this review a rating of ten out of ten.
Financial Services
Easy to Deploy and Highly Configurable, but Upgrades Need to Be Smoother
Reviewed on May 04, 2026
Review provided by G2
What do you like best about the product?
Illumio is easy to deploy and highly configurable.
What do you dislike about the product?
Upgrades could be more seamless (e.g. regression testing)
What problems is the product solving and how is that benefiting you?
Illumio solved our need for micro-segmentation, allowing us to restrict network access across the datacenter and user VLAN’s
Banking
Illumio: #1 A Lighter, Easier-to-Manage Solution for Large Environments
Reviewed on Apr 22, 2026
Review provided by G2
What do you like best about the product?
llumio is seen as a “lighter” and easier-to-manage solution in large environments
What do you dislike about the product?
Illumio still faces challenges to overcome, such as its approach to AI implementation at the K8s level—among other areas of opportunity related to the use of AI itself—but I believe it is on the right track for now.
What problems is the product solving and how is that benefiting you?
Personally, I find that microsegmentation using Illumio is much more user-friendly in terms of installation, configuration, and overall operation compared to other solutions
Legal Services
Easy Deployment, Strong Security Impact, and Great Support
Reviewed on Apr 21, 2026
Review provided by G2
What do you like best about the product?
We implemented Illumio in response to an internal audit. It was easy to deploy, configuration was straightforward, and it makes a measurable impact in our security posture org-wide. The UI is easy to navigate, performance has been very high, and the price is reasonable. Illumio's customer success team has been great to work with and provided prompt support.
What do you dislike about the product?
As with all micro-segmentation tools, it is very easy to make a high-impact bad configuration change. We have to be extremely careful, especially when we have junior engineers operating within the tool.
What problems is the product solving and how is that benefiting you?
An internal audit revealed a weakness in our previous micro-segmentation setup. Illumio addressed this weakness quickly, easily, and comprehensively.
Steve S.
Easy to Deploy, Fast Traffic-Flow Visibility with Illumio
Reviewed on Apr 18, 2026
Review provided by G2
What do you like best about the product?
Illumio is easy to deploy and within a few hours, you have total visibility of traffic flows on your network. There are no performance issues on the endpoints and pricing is inline with expectations
What do you dislike about the product?
There are no downsides of Illumio, the product is easy to use, wide operating support and quick to onboard
What problems is the product solving and how is that benefiting you?
For companies with legacy or flat networks, Illumio can easily solve the lateral movement problem without reengineering the network. Also stops blast radius in the event of a breach