Overview of Endpoint Concepts

Illumio Endpoint is a Virtual Enforcement Node (VEN) that allows you to visualize and segment workloads running on Windows and macOS endpoints accessible by the PCE. These are typically highly-mobile laptops that your team members use outside of your corporate security perimeter. Illumio Endpoint lets you manage and secure endpoint workloads efficiently, whether they are domain-joined or not, across wired, wireless, and VPN network interfaces.

Illumio Endpoints Benefits

Endpoint traffic visibility. Obtain a comprehensive view of all endpoint workloads, including both wired and wireless connections.
Deny by default. Block all but necessary communication to and from laptops, VDIs and workstations.
Limit zero-day risk. Protect your environment without waiting for an attack to create a signature and be detected by your security tools.
Zero touch to the network. Use endpoint segmentation that is not tied to the network, unlike NAC or SD-WAN.
Dynamic policy management. Create and enforce security policies tailored to endpoints and automatically change those policies when the device is used outside of the corporate environment.

Differences from Server VENs

While Endpoint VENs are nearly identical to Server VENs, they do differ in the following ways:

When creating a Pairing Profile for an Endpoint VEN, you must select Endpoint VEN in the Servers & Workloads > Pairing Profiles > Enforcement Node Type. (Conversely, the Enforcement Mode Type for Server VENs requires the Server VEN setting.)
Endpoint VENs don’t support SecureConnect or AdminConnect.
Endpoint VENs support wireless connections and VPNs.

Endpoint VEN on macOS does not support the following features:

Process-based policy
Adaptive User Segmentation (AUS)
Aggressive tamper detection
Kerberos authentication
Installation on server workloads

Endpoint Concepts Guide