Skip to main content

Getting Started with Illumio Insights

  • Getting Started with Illumio Insights
  • What's New in Illumio Insights

What's New in Illumio Insights

Learn about new and updated features in Illumio Insights.

Resource Traffic Map Updates

This update allows you to see hybrid traffic between private data center servers and cloud resources when you view a resource in Resource Traffic. See Resource Traffic.

Traffic Table Updates

Enhanced filtering in the Traffic Table provides more granular control and accuracy when analyzing large datasets. These updates introduce column-specific logic and standardized controls, allowing for precise, query-style searches across your entire environment.

Total-Dataset Filtering

Filter criteria in drop-downs are retrieved from the entire dataset, not just the currently loaded table rows, meaning granular filtering is fully supported at scale, even for large traffic tables.

Column-Specific Filtering

This update introduces a refined table filter selector component that supports column-specific filtering logic. Previous table filters were typically value pickers. Now, filtering is no longer limited to selecting from a list; it now supports query-style comparisons per column, aligned with the data type of that column. New filtering logic includes:

  • Text operators. "Type ahead" matching for some text columns (for example, Label, Resource names) supports partial inputs in drop-downs to find and select items not initially listed.

  • Numeric operators. Support for using these operators (>, <, <=, >=, =) in numeric columns (for example, byte counts).

Granular filtering

Support for queries such as the following:

  • Find flows with a port range of 8000-8080

  • Filter for flows by source, destination, source AND destination, source OR destination

  • Find traffic where byte count exceeds a specific threshold

Filters are standardized and consistently placed

Each traffic table now has a similar set of filters at the top relevant to the context of each Insights page (IP, Service/Port, Resource, Country, Region, + Add Filter).

Cisco NetFlow and sFlow Integration

The Cisco NetFlow and sFlow integration is generally available (GA). It allows you to ingest flow data with NetFlow and sFlow and view this data in Segmentation and Insights.

See the Integration Guide.

Traffic Rules

Traffic Rules is available in Insights for all onboarded cloud accounts including AWS, Azure, and other supported clouds if you enable it for your organization. Traffic Rules also supports flows from workloads managed by VENs. Firewall flows are not matched or affected.

See Traffic Rules for Filtering Flows.

Label Insights

Label Insights delivers unified network traffic visibility across (a) private data center workloads protected by Illumio VEN agents, and (b) public cloud workloads managed by Illumio’s Cloud product. By combining flows from VEN‐monitored on‐premises assets with cloud‐native flows, security teams gain a consistent, label‐driven view of hybrid environments.

See Label Insights.

Insights Agent

Insights Agent's Threat Hunter persona allows you to launch an investigation that generates a detailed analysis of suspicious activity based on insights from Resource Traffic, Risky Traffic, Malicious IP Threats, External Data Transfer, Country Insights, and Firewall Insights widgets.

Licensing and Usage

Every Illumio customer will require a standalone license. The standalone license allows you to consume the product as a SaaS offering, deploy it in an on-premises environment, or operate in a hybrid deployment model. Review the updated licensing and usage information.

See Licensing and Usage for Illumio.