Illumio Proving Ground Lab

Bookmark

19 Launches

Solution Overview

WWT's Illumio High Availability lab, including Kubernetes, for container-based workload management contains an Illumio Multi-Node Cluster (MNC) set up to replicate a production system. The lab is running Illumio 19.3 LTS in a 2x2 MNC configuration. The lab is intended to demonstrate Illumio High Availability features and integration of server and container-based workloads. To further mimic a production system, the MNC is configured to encrypt all traffic between PCE servers and datastores and block all inbound traffic to Illumio specific ports not originating from within the MNC cluster components.

This lab includes a variety of Windows and Linux systems to simulate the management of workloads. Additionally, a three-node Kubernetes cluster is included and integrated with the MNC.

This lab guide will walk through the environment and the Illumio cluster. The lab will also identify several resources that can be configured using Illumio. Finally, the lab will describe other applications available to test out integration with Illumio.

Goals & Objectives

This lab's first goal is to give users an environment to explore the MNC from a HA perspective. Users can simulate network failures, network and domain misconfigurations, and cluster server misconfigurations to determine how the Illumio cluster will react. The lab presents a unique environment since the user can spin up a new lab and not worry about bringing the cluster back up if things go wrong. Additionally, configuration changes can be tested in the lab allowing the user to develop management and deployment plans and continue to try those plans on new environments. Configuration and management changes include everything from managing workloads to managing users, groups, and roles.

The second goal is to give the user access to Illumio tied to a Kubernetes cluster. This will allow users to deploy Kubernetes applications and see how Illumio provides visibility and management of container-based workloads. This also enables users to try out managing both container-based workloads and Windows/Linux workloads.

The third goal is to demonstrate some integration capabilities. For this, Illumio MNC is integrated with Splunk, leveraging the Illumio Splunk apps. This will allow the user to get information about the MNC cluster into Splunk, giving the ability to join Illumio data with other data streams

This lab is not intended as a primer on setting up policies in Illumio to manage workloads. WWT has a comprehensive lab for setup and management of workloads. If interested, you can launch our Illumio Segmentation lab.

Hardware & Software

This lab consists of the following hardware and software:
Software

Illumio ASP
Kubernetes
Splunk log collector
Syslog
Palo Alto VM-series firewall

Server Devices

4x Illumio Multi-Node Cluster (Centos 7)
1x Illumio Single-Node Cluster (Centos 7)
1x Windows Jumphost (Windows Server 2016)
1x Windows Domain Controler
1x Splunk Server (CentOS 7)
1x Syslog Server (CentOS 7)
3x Kubernetes Server (CentOS 7)

Client Devices

1x Windows 10 Client (Windows 10 Enterprise)
3x Red Hat Clients (Red Hat Enterprise Linux 7)
1x Attack Host (Kali Linux)

Contributors

Rudy Kasprzyk

WWT

National Technical Solutions Architect- Tanium Practice Lead

Kent Noyes

WWT

Distinguished Architect, Security

Cody Malloy

WWT

Technical Solutions Architect

Todd Ruch

WWT

Global Security | Practice Manager - Systems Delivery Services