Getting Started with Illumio Insights

Get a unified view of your network's compliance posture so you can analyze guardrail rule violations and remediate issues.

See Network Posture Insights.

Troubleshoot common configuration errors during the AWS and Azure onboarding process.

See Troubleshooting Videos for Cloud Onboarding.

Firewall Insights is available for AWS and Azure in addition to the current support of Fortinet, Check Point, and Palo Alto Networks, providing broader insights into firewall activity across cloud providers. These updates expand cloud visibility, improve traffic investigation, and enhance the overall user experience across the product.

See Firewall Insights.

Use Quarantine to isolate potentially compromised cloud resources by enforcing a predefined policy that restricts normal communication to and/or from the affected resources.

See Quarantine Resources.

This update allows you to see hybrid traffic between private data center servers and cloud resources when you view a resource in Resource Traffic. See Resource Traffic.

Enhanced filtering in the Traffic Table provides more granular control and accuracy when analyzing large datasets. These updates introduce column-specific logic and standardized controls, allowing for precise, query-style searches across your entire environment.

Total-Dataset Filtering

Filter criteria in drop-downs are retrieved from the entire dataset, not just the currently loaded table rows, meaning granular filtering is fully supported at scale, even for large traffic tables.

Column-Specific Filtering

This update introduces a refined table filter selector component that supports column-specific filtering logic. Previous table filters were typically value pickers. Now, filtering is no longer limited to selecting from a list; it now supports query-style comparisons per column, aligned with the data type of that column. New filtering logic includes:

Granular filtering

Support for queries such as the following:

Filters are standardized and consistently placed

Each traffic table now has a similar set of filters at the top relevant to the context of each Insights page (IP, Service/Port, Resource, Country, Region, + Add Filter).

The Cisco NetFlow and sFlow integration is generally available (GA). It allows you to ingest flow data with NetFlow and sFlow and view this data in Segmentation and Insights.

See the Integration Guide.

Traffic Rules is available in Insights for all onboarded cloud accounts including AWS, Azure, and other supported clouds if you enable it for your organization. Traffic Rules also supports flows from workloads managed by VENs. Firewall flows are not matched or affected.

See Traffic Ingestion Rules for Filtering Flows.

Label Insights delivers unified network traffic visibility across (a) private data center workloads protected by Illumio VEN agents, and (b) public cloud workloads managed by Illumio’s Cloud product. By combining flows from VEN‐monitored on‐premises assets with cloud‐native flows, security teams gain a consistent, label‐driven view of hybrid environments.

See Label Insights.

Insights Agent's Threat Hunter persona allows you to launch an investigation that generates a detailed analysis of suspicious activity based on insights from Resource Traffic, Risky Traffic, Malicious IP Threats, External Data Transfer, Country Insights, and Firewall Insights widgets.

Every Illumio customer will require a standalone license. The standalone license allows you to consume the product as a SaaS offering, deploy it in an on-premises environment, or operate in a hybrid deployment model. Review the updated licensing and usage information.

See Licensing and Usage for Illumio.