Current Release Notes

These release notes describe the new features, enhancements, resolved limitations, and known limitations for CloudSecure in this release.

Illumio CloudSecure is an agentless SaaS solution that provides visibility into your AWS and Azure network flows to define Zero Trust Segmentation policies in the public cloud, with the following features:

  • Multi-cloud coverage
  • Fast breach containment
  • Ease of use
  • Low total cost of ownership

For questions, please reach out to

What's New in This Release

The following new features are available in this release:

No. Feature Category Feature List
1. Visualization
  • Cloud, Region, and Account are now available as filterable categories in the Traffic page Beta Advanced Filter mode. See Traffic.
  • This resource is now visible on the Inventory page, and appears on the Cloud Map page as an attached resource for EC2 Instances and ElasticLoadBalancingV2 Load Balancers:
    • AWS:
      • ElasticLoadBalancingV2 Target Group
2. Deployments

You can now edit your deployments. See Define a Deployment.

Resolved Limitations in CloudSecure

  • Traffic flow filter by status not working as expected (C-3566, C-3686)
    Users navigating the Cloud Map sometimes also saw denied traffic included on a node Details page despite filtering for allowed traffic.
  • Error onboarding Azure Flow Logs (C-2890)
    Users would sometimes get an error when onboarding Azure flow logs due to CloudSecure not understanding that flow log destination access was already granted.
  • No description in Azure "Forbidden" onboarding message (C-2023)
    When encountering an Azure onboarding error message, users did not get sufficient information to readily resolve the problem.

Known Limitations in CloudSecure

  • AWS PaaS resources may not have ENI (C-3265)
    CloudSecure uses DNS lookup on the fully qualified domain name to get the elastic network interface relationships, which is not guaranteed to get a match. The potentially affected AWS resources are RDS DBInstances, RDS DBClusters, ElasticLoadBalancingV2 load balancers, MemoryDB clusters, ElastiCache for Redis clusters, and Redshift clusters.
  • Error shown when users attempt to add an existing user to their account (C-3083)
    When a user tries to add existing users to their existing CloudSecure account, CloudSecure correctly prevents the action, but does not issue an error message. For example, if a customer has one live CloudSecure account and also one trial account, trying to add an existing trial user to the live account will silently fail.
  • Middle, right, or control click to open in new tab do not work (C-2398)
    Middle click, right click, and control click sometimes do not open the specific desired CloudSecure tab.
  • Application sometimes gets mapped to the wrong deployment's env label (C-1257)
    The resources have multiple cloud tags, the tag in the application definition label doesn't align with the one used in the environment label.
  • Competing application definition (multiple app-def using same tags) (C-1095)
    CloudSecure allows users to create multiple application definition with the same rules, i.e., same set of tags can be shared for two applications.