Skip to content

Onboarding process

The onboarding process ensures that applications can be protected with Illumio in a controlled, auditable, and compliance-driven way, aligned with the ISORP (Integration of Security and Operational Risk in Projects) process.

High Level Process

Onboarding process - High Level Diagram

Figure: High Level onboarding process aligned with ISORP.

Phase 1 — Opportunity

  • Request onboarding
  • Validate the intake and register the application in the PO Backlog
  • ✅ Outcome: Application is Ready for Onboarding

Phase 2 — Study (Build the security)

  • Illumio Agent installation and flow observation
  • Rules creation and business flow qualification
  • Security Team validation
  • ✅ Outcome: Application is Ready for Protection

Phase 3 — Execution

  • Enable Illumio Protection on servers
  • ✅ Outcome: Application is Protected

Phase 4 — Ongoing operational security (RUN)

  • Allow new flows (change-controlled)
  • Add / onboard new servers
  • Recertify existing flows and rules periodically

Low Level Process

Onboarding process - End-to-end

Figure: End-to-end onboarding process across PI (N-1) and PI (N), including phases, states, and responsibilities.

Timeline

The selected ETA is the target quarter/semester for becoming protected.
To keep delivery stable, agent installation should start during the quarter preceding the ETA to allow enough observation time.

PI N-1 — Preparation (install + observe)

  • A–B (Intake): request submission + eligibility checks + intake validation (Program Management or Illumio PO/Product).
  • Backlog planning: application is subscribed in the PO backlog for protection during PI (N).
  • C (Agent): Illumio agent installation is scheduled and executed (Illumio Ops), with App/Infra team contribution when needed.
  • Observation readiness: once the agent is installed on all servers, the process transitions to PI (N) for flow observation.

PI N — Execution (rules + validate + enforce)

  • Flow observation (min. 1 month): collect/observe real business flows.
  • D (Rules validation): Illumio Onboarding team creates rules and runs weekly workshops; Application team qualifies all flows.
  • E (Security review): Security team reviews and approves qualified rules → Ready for Protection.
  • F–G (Enforcement): Application team schedules the change (Microcosmos access) and enables protection with Illumio Onboarding support.
  • H (RUN): application enters RUN phase.

Dates are illustrative placeholders. Align them with your PI calendar.

Next

Continue to: Onboarding Request form (mockup)