Skip to main content

What's New and Release Notes for 26.x

New and Enhanced in Segmentation

Explore new features and learn about significant enhancements to existing features in Illumio Segmentation.

What's New in Segmentation?

Feature	Summary
Linux Process Based Outbound Policy Enforcement	Observe and control outbound network connections from Linux workloads based on the identity of the originating process (executable), rather than relying solely on IP addresses, ports, or host-level rules. This adds executable-level context to outbound policy, helping security teams enforce least-privilege outbound access and reduce the risk of unauthorized tools using allowed network paths.
Policy Advisor	Use the Policy Advisor to automate security policy creation. The Policy Advisor analyzes your application and environment labels to generate tailored policy recommendations using an AI-powered summary on what the policy does. These recommendations can help you enforce zero-trust segmentation, reducing manual policy design and risk exposure.
AI Labeling for Cloud and Data Center	AI Labeling simplifies resource labeling by automatically discovering resources across cloud and data center environments and generating label recommendations. After you review and approve a recommendation, the feature assigns the appropriate labels without requiring manual analysis of each workload or resource.
Labeling Rules for Cloud	Labeling Rules for Cloud allow you to apply labels to one or more cloud resources when their attributes match the conditions you specify in easily configurable rules. This simplifies the task of labeling multiple cloud resources.
Cilium CNI Plugin Support	Illumio is compatible with Cilium-based Kubernetes clusters. This update allows you to manage Illumio policies on Cilium-backed nodes while maintaining Illumio's standard enforcement model.
Cloud Onboarding and Troubleshooting	Use Quarantine to isolate potentially compromised cloud resources by enforcing a predefined policy that restricts normal communication to and/or from the affected resources.
Pagination Support for Labels API	A new endpoint, GET /api/v2/orgs/:xorg_id/label/paginated, provides a dedicated, paginated interface for retrieving labels.
Pagination Support for Workloads	A new endpoint, GET /api/v2/orgs/:xorg_id/workloads/paginated, provides a dedicated, paginated interface for retrieving workloads.

What's Enhanced in Segmentation?

Feature	Summary
Quarantine Resources	Use Quarantine to isolate potentially compromised cloud resources by enforcing a predefined policy that restricts normal communication to and/or from the affected resources.
Unified Map	This release includes improved Unified Map performance and responsiveness.
AWS Firewall Visibility Inventory Traffic Map	Inventory Cloud Inventory adds support for AWS firewall visibility and includes updates for Azure Firewall Policy. See Inventory. Traffic Filters Cloud Traffic includes the addition of default parameters for endpoint calls that filter for allowed and denied status items. Three new columns are available: Flow ID, Routed Through, and Capture At. You can filter traffic using Captured At, Routed Through, and Firewall for any source and destination. These enhancements improve visibility into cloud resources and traffic analysis workflows. See Traffic. Cloud Map now provides expanded support for AWS and Azure firewall and peering views, along with new toolbar controls, topology and traffic view toggles, and updated connection-line styling for improved navigation. See Map.

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.