This Illumio MCP server, developed by alexgoller, provides an interface for AI assistants to interact with Illumio's Policy Compute Engine (PCE). It integrates with the Illumio API to enable programmatic management of workloads, labels, and traffic flows within a zero trust security environment. The server exposes tools for creating, updating, and deleting workloads and labels, as well as analyzing traffic patterns and security policies. By abstracting PCE interactions, it allows AI systems to easily perform tasks like workload management, label operations, and traffic analysis. This implementation is particularly useful for security teams, network administrators, and DevOps professionals who want to leverage AI capabilities for automating Illumio PCE operations, enhancing security posture, and gaining insights from network traffic data.
Retrieve workloads with optional filtering by name, hostname, IP, labels, and max results.
Create an unmanaged workload with name, IP addresses, and labels.
Update an existing workload's properties.
Remove a workload from PCE.
Retrieve labels with optional filtering by key, value, and max results.
Create a new label with key-value pair.
Update an existing label.
Remove a label.
Get rulesets with optional filtering by name, description, and enabled status.
Create a new ruleset with scopes.
Update ruleset properties.
Remove a ruleset.
Create a deny rule (regular or override deny) in a ruleset.
Update an existing deny rule.
Remove a deny rule.
Get IP lists with optional filtering by name, description, FQDN, and max results.
Create a new IP list.
Update an existing IP list.
Remove an IP list.
Get services with optional filtering by name, port, protocol, and max results.
Create a new service definition.
Update an existing service.
Remove a service.
Get detailed traffic flow data with filtering by date range, source/destination, service, policy decision, and more.
Get aggregated traffic summaries grouped by app, env, port, and protocol.
Automated app-to-app segmentation policy creation. Analyzes traffic flows to discover which remote apps communicate with a target app.
Discover which apps are infrastructure services by analyzing traffic patterns.
Provision pending draft changes to move them from draft to active state.
Compare draft vs active policy to preview what would change on provisioning.
Assess whether an app is ready for enforcement. Returns a readiness score with actionable recommendations.
Ringfence multiple apps at once. Optionally uses identify-infrastructure-services to auto-order apps by infrastructure score.
Get enforcement mode status across workloads, grouped by app and environment.
Generate a policy coverage report for an app showing what traffic is covered by existing rules vs what would be blocked.
Find traffic involving unmanaged workloads or IP addresses.
Detect potential lateral movement paths by analyzing app-to-app traffic patterns.
Check policy compliance against frameworks and return a compliance score with per-check findings.
Get PCE events with optional filtering by event type, severity, status, and result limits.
Verify PCE connectivity and credentials.