Sold by: Illumio
Deployed on AWS
Free Trial
Vendor Insights
AWS Free Tier
Illumio Zero Trust Segmentation (ZTS) Platform is the only solution that handles it all: Endpoint-Endpoint, Endpoint-Server, Server-Server, as well as extensive support for cloud workloads, containers, IoT, and OT devices. Empowering organizations to be more resilient for whatever may come their way. ZTS contains the spread of breaches and ransomware across the hybrid attack surface by continually visualizing how workloads and devices are communicating, creating granular policies that only allow wanted and necessary communication, and automatically isolating breaches by restricting lateral movement proactively or during an active attack.
In addition, Illumio ZTS includes the Illumio Virtual Advisor (IVA) which provides actionable, AI driven guidance for even the most complex tasks. With IVA, teams can streamline their workflows with instant, expert-level answers to their questions. Quickly access critical information and achieve complex tasks simply by asking the virtual advisor.
4.4
Overview
Illumio Breach Containment Platform provides comprehensive mapping of traffic telemetry across hybrid multi-cloud environments and endpoints for applications, data, and cloud workloads. This visualization allows security teams to uncover unnecessary connectivity that increases risk. With the Illumio Breach Containment Platform, you can easily know if you are at risk of an attack or currently under attack. Detailed context-based label descriptions of objects guides teams as they create policies, based on applications' components and relationships. With Illumio, teams can make faster, more informed decisions about what traffic to segment to proactively maintain a strong security posture or reactively isolate a breach.
Illumio Breach Containment Platform is made up of these solutions:
Illumio Insights for visibility and incident response. Quickly identify risk, detect attacks, and contain threats with a single click. Empower security teams to protect critical assets and respond instantly.
Illumio Segmentation for cloud and on-premises data center workloads. Limit an attacker's ability to travel across lateral traffic with proactive policy controls that limit the exposure of valuable assets
Highlights
- See risk Visualize all communication and traffic between workloads and devices across the entire hybrid attack surface. Gain visibility with real-time telemetry and data, understand application communications, security policy, usage, access and security exposure with a comprehensive map of traffic flows.
- Set policy Comprehensive monitoring and simplified labeling that helps eliminate blind spots by automatically setting granular and flexible segmentation policies that control communication between workloads and devices to only allow what is necessary and wanted.
- Stop the spread Proactively isolate high-value assets or reactively isolate compromised systems during an active attack to stop the spread of a breach by programming dynamic workload policies for hybrid multi-cloud networks and endpoints, and applying automated policy recommendations.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
ISO27001
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Free trial
Try this product free according to the free trial terms set by the vendor.
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Illumio Breach Containment Platform | Price per 250 secured workloads + Breach Containment Platform | $109,000.00 |
100 CloudSecure Workloads | Price per 100 public cloud workloads | $38,400.00 |
Vendor refund policy
All fees are non-cancellable and non-refundable.
Custom pricing options
Request a private offer to receive a custom quote.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Illumio provides customers with 24/7 support by phone, email, and through our support portal. +1 888 631 6354, support@illumio.com ,
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Illumio
By Zscaler, Inc.
Top
50
In Security Observability, Device Security
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Real-time Traffic Visualization
Comprehensive mapping and visualization of all communication and traffic flows between workloads and devices across hybrid multi-cloud environments and endpoints with real-time telemetry data.
Granular Segmentation Policy Creation
Automated generation and application of granular, context-based segmentation policies that control communication between workloads and devices to allow only necessary and wanted traffic.
Multi-Environment Workload Support
Support for diverse workload types including endpoint-to-endpoint, endpoint-to-server, server-to-server communications, cloud workloads, containers, IoT devices, and OT devices across hybrid architectures.
Dynamic Breach Isolation
Proactive and reactive isolation capabilities that restrict lateral movement by programming dynamic workload policies and applying automated policy recommendations during active attacks or for high-value asset protection.
AI-Driven Policy Guidance
Integrated artificial intelligence-driven virtual advisor that provides actionable recommendations for policy creation and complex segmentation tasks through natural language interaction.
Network Policy Enforcement
Fine-grained network policies that limit egress traffic by IPs, domains, and IP CIDRs with automatic namespace boundary identification and policy recommendations for namespace isolation.
Egress Traffic Management
Egress Gateway functionality that assigns static IP addresses to egress traffic from Kubernetes pods for integration with firewalls and tools requiring static IP identification.
Ingress Traffic Management
Ingress Gateway using Gateway API standard with integrated Envoy Gateway for comprehensive security and observability of ingress traffic.
Multi-Cluster Network Security
Centralized network security management across multiple Kubernetes distributions supporting individual and multi-cluster deployments in cloud and on-premises environments.
Network Observability and Risk Mitigation
Observability and risk mitigation capabilities for detecting and mitigating security breaches across all types of network traffic including egress, ingress, in-cluster, and cross-cluster communication.
Zero Trust Architecture
Cloud-native zero trust platform that applies zero trust principles to eliminate attack surface and prevent lateral movement across users, applications, and infrastructure.
AI-Powered Threat Detection
AI-powered cyberthreat and data loss prevention services that detect and prevent advanced threats, accidental exposure, theft, and ransomware attacks.
Next-Generation Network Access
Next-generation zero trust network access (ZTNA) platform enabling seamless and secure connectivity to private applications, services, and operational technology devices.
Data Loss Prevention
Data protection capabilities preventing data loss from users, SaaS applications, and public cloud infrastructure through comprehensive loss prevention policies.
End-to-End Digital Experience Monitoring
End-user perspective monitoring and visibility across device, ISP, cloud proxy, and application layers to optimize performance and identify application, network, and device issues.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
-
-
-
-
-
No security profile
No security profile
Standard contract
No
No
No
Customer reviews
KlavsThaarup
Micro-segmentation has improved threat containment but now needs deeper visibility and container support
Reviewed on Mar 25, 2026
Review from a verified AWS customer
What is our primary use case?
Illumio 's use case compared to Akamai is exactly the same. For the purpose of micro-segmentation, it is the same.
What is most valuable?
The advantages of Illumio really stand out because they are not using the kernel module. The biggest thing is that the agents used, the software that goes onto the PCs or the servers, is not as comprehensive as that of Akamai . This might be better for some companies that want a light agent instead of a thick agent.
Illumio has some VPN features and encryption features that are not available in Guardicore.
Illumio's ability to contain threats through secure segmentation is positive. I would say it's a good part here.
They have some features that are not available in Akamai Guardicore.
What needs improvement?
Illumio does not have much in terms of application dependency mapping features. They lack layer 7 process level segmentation, which is a limitation.
In Guardicore, you have the layer 7, the process level. You don't have that in Illumio. This indicates that the information about malware, intrusion detection, and threats would be better in Guardicore because it has this layer 7 support which Illumio does not have.
Some customers like Illumio because it's a simpler product. If it's too complex, some customers think that it's better to have a more simple product. Of course, Illumio has some features that Guardicore doesn't have.
The container support in Illumio is not the same as in Guardicore.
Guardicore has native support for containers, but Illumio does not have native support. They need to install an agent in the container world, while Akamai Guardicore does not need to install an agent, so they have native support that Illumio lacks.
For how long have I used the solution?
I have been dealing with Illumio for only one year so far.
What do I think about the stability of the solution?
Regarding stability for Illumio and performance issues, I cannot answer that. So far, everything is going well. I do not see any problems.
What do I think about the scalability of the solution?
I think Illumio is scalable, the same as the others.
How was the initial setup?
It's rather complex to install Illumio, but that would be the same for both vendors. There is no big problem when you're installing it. It's pretty much straightforward.
What was our ROI?
I observe extensive return on investment with Illumio. The savings will be more than 100% from Illumio.
What's my experience with pricing, setup cost, and licensing?
It will be the same price as the Akamai price for Guardicore. It's expensive, that's true. But when you compare it to firewalls, then it may not be that expensive.
What other advice do I have?
Before, I mentioned that Illumio is not very comprehensive in comparison to Akamai. I said that they could have a lighter agent and also process level segmentation. There is something that's not perfect in Illumio that could be improved.
Which deployment model are you using for this solution?
On-premises
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
reviewer2783439
Segmentation has strengthened internal traffic control and reduces lateral movement risks
Reviewed on Mar 03, 2026
Review from a verified AWS customer
What is our primary use case?
What is most valuable?
Illumio offers great features such as controlling east-west traffic within data centers and clouds, enforcing segmentation policies between workloads, and reducing the attack surface by limiting unauthorized lateral movement.
Illumio's segmentation rules without requiring anything are pretty unique. It also integrates well with other security tools, giving you a centralized view of policy enforcement across your environment. If you're looking for east-west traffic control and zero-trust architecture, it's a great fit.
From what I have seen, Illumio positively impacts organizations by giving them a much clearer picture of their internal traffic, allowing them to identify risky connections they didn't see before. It also speeds up compliance, as I have heard, since they can enforce least privilege rules across their environments much faster. By reducing lateral movement, it just makes their overall security posture a lot stronger.
What needs improvement?
One area for improvement regarding Illumio might be making the policy management even more intuitive. Right now, it's powerful but can have a bit of a learning curve for some teams. Another thing could be deeper integrations with more third-party security tools. While they do integrate well, a broader set of APIs could make it even easier to slot into different stacks. It is already strong, but a bit more polish on usability and integration could take it further.
Another improvement might be around scalability, ensuring that as organizations grow, Illumio can handle even larger, more complex environments seamlessly. It would be great to see more advanced automation, such as AI-driven recommendations on segmentation rules or anomaly detection. That would really boost proactive security management.
For how long have I used the solution?
I have been using Illumio for about six months now.
What other advice do I have?
One big outcome we saw after implementing Illumio was a notable drop in lateral movement incidents. Within the first few months, we had about a 40% reduction in potential attack paths. On the compliance side, we cut audit times in half. What used to take weeks to validate now takes just a few days. It has really helped us tighten up both security and operational efficiency.
Illumio delivers really solid results. Micro-segmentation is top-notch, and we saw real security improvements. Some of the finer automation and user experience aspects still require a bit of effort to get fully dialed in. Illumio is deployed in our organization in the public cloud, specifically AWS . We use AWS , which is Amazon Web Services, as our cloud provider. We did not purchase Illumio through the AWS Marketplace .
Illumio is definitely a good solution if you have a lot of network traffic that you're dealing with. I rate Illumio a solid eight out of ten.
Marco G.
Zero Trust Segmentation That Boosts Visibility and Limits Breach Impact
Reviewed on Jan 27, 2026
Review provided by G2
What do you like best about the product?
Illumio is helpful because it stops attackers from moving around your network if a breach happens.
It uses Zero Trust segmentation to limit access without needing major network changes.
You get clear visibility into application traffic across data centers and cloud environments.
It’s quick to deploy, easy to manage, and scales well as your environment grows.
Overall, it reduces the blast radius of attacks, simplifies operations, and strengthens security with minimal disruption.
It uses Zero Trust segmentation to limit access without needing major network changes.
You get clear visibility into application traffic across data centers and cloud environments.
It’s quick to deploy, easy to manage, and scales well as your environment grows.
Overall, it reduces the blast radius of attacks, simplifies operations, and strengthens security with minimal disruption.
What do you dislike about the product?
Illumio can take time to fully tune, since defining the right policies requires upfront effort.
It focuses on segmentation, so it doesn’t replace other security tools like EDR or firewalls.
The value is highest in complex environments, which may limit impact for very small setups.
Licensing and cost can feel high compared to simpler controls.
Teams may also need training to get comfortable with the model and workflows.
It focuses on segmentation, so it doesn’t replace other security tools like EDR or firewalls.
The value is highest in complex environments, which may limit impact for very small setups.
Licensing and cost can feel high compared to simpler controls.
Teams may also need training to get comfortable with the model and workflows.
What problems is the product solving and how is that benefiting you?
Illumio helps stop cyberattacks from spreading inside a network by breaking it into small, controlled segments.
It gives clear visibility into how systems and applications talk to each other.
This makes it easier to spot risky connections and unusual behavior.
It automates security policies, reducing manual work and mistakes.
Illumio works across on-prem, cloud, and hybrid environments.
If a breach happens, the damage is contained instead of spreading everywhere.
Overall, it simplifies security operations while making the organization more resilient and compliant.
It gives clear visibility into how systems and applications talk to each other.
This makes it easier to spot risky connections and unusual behavior.
It automates security policies, reducing manual work and mistakes.
Illumio works across on-prem, cloud, and hybrid environments.
If a breach happens, the damage is contained instead of spreading everywhere.
Overall, it simplifies security operations while making the organization more resilient and compliant.
Legal Services
Needs More Innovation and Better Integration
Reviewed on Jan 12, 2026
Review provided by G2
What do you like best about the product?
The product does doesn't cause issues and not a lot of maintenance is required.
What do you dislike about the product?
Illumio lacks innovation and integration.
What problems is the product solving and how is that benefiting you?
Microsegmentation between servers.
Airlines/Aviation
Easy to Use and Powerful—Highly Recommended
Reviewed on Jan 07, 2026
Review provided by G2
What do you like best about the product?
Easy to use , powerfull and quick to freeze a problematic pc
What do you dislike about the product?
nothing yet :-) maybe that i should of got it earlier
What problems is the product solving and how is that benefiting you?
Latteral movement whithin some of our flat network subnet