Goals & Objectives
This lab's first goal is to give users an environment to explore the MNC from a HA perspective. Users can simulate network failures, network and domain misconfigurations, and cluster server misconfigurations to determine how the Illumio cluster will react. The lab presents a unique environment since the user can spin up a new lab and not worry about bringing the cluster back up if things go wrong. Additionally, configuration changes can be tested in the lab, allowing the user to develop management and deployment plans and continue to try those plans on new environments. Configuration and management changes include everything from managing workloads to managing users, groups and roles.
The second goal is to give the user access to Illumio tied to a Kubernetes cluster. This will allow users to deploy Kubernetes applications and see how Illumio provides visibility and management of container-based workloads. This also enables users to try out managing both container-based workloads and Windows/Linux workloads.
The third goal is to demonstrate some integration capabilities. For this, Illumio MNC is integrated with Splunk, leveraging the Illumio Splunk apps. This will allow the user to get information about the MNC cluster into Splunk, giving the ability to join Illumio data with other data streams.
This lab is not intended as a primer on setting up policies in Illumio to manage workloads. WWT has a comprehensive lab for setup and management of workloads. If interested, you can launch our Illumio Segmentation lab.
Hardware & Software
This lab consists of the following hardware and software:
- Illumio ASP
- Splunk log collector
- Palo Alto VM-series firewall
- 4x Illumio Multi-Node Cluster (Centos 7)
- 1x Illumio Single-Node Cluster (Centos 7)
- 1x Windows Jumphost (Windows Server 2016)
- 1x Windows Domain Controler
- 1x Splunk Server (CentOS 7)
- 1x Syslog Server (CentOS 7)
- 3x Kubernetes Server (CentOS 7)
- 1x Windows 10 Client (Windows 10 Enterprise)
- 3x Red Hat Clients (Red Hat Enterprise Linux 7)
- 1x Attack Host (Kali Linux)