Architecture

Lumeus is a multi-tenant, SaaS-based platform that requires no agents to be installed on endpoints or applications.

The core capabilities provided by Lumeus are:

AI Networking Policy Stitching
  • SLA Anomaly Detection + Correlation

  • Adaptive Log Management

  • Managed Data Plane

  • Segmentation

  • Policy-as-Code

  • PAM-Lite

  • Auto Network Topology

  • Session Logging

  • Device Fingerprinting

The graphic below outlines how Lumeus interacts with existing network infrastructure:

  • Cloud Gateways: Lumeus Cloud Gateways provide reliable and secure Zero Trust Access (ZTA) for infrastructure and applications running in private networks. These are managed and hosted in the Lumeus Cloud and backed by the leading public cloud providers. Some of the main functions provided by Cloud Gateways include DNS and WAF.

  • On-Prem Gateways: Lumeus On-Prem Gateways run in the customer's private networks and can be deployed in a virtual or containerized form factor. The Gateway establishes a secure TLS tunnel to Lumeus Cloud Gateways to provide Zero Trust Access for private applications. It also establishes a secure control channel to the Lumeus Management Portal and a policy controller to provide Zero Trust Segmentation.

Management Portal

The Lumeus SaaS management portal provides a unified console to manage and monitor all infrastructure resources. The portal is the main brain behind the solution and hosts the policy repository, analytics and access. The portal is deployed in Lumeus Cloud and provides the UI and API interface to the users.

The SaaS portal provides core functions such as AI Networking, Policy Orchestration and external integrations.

Cloud Gateways

Lumeus Cloud Gateways provide reliable and secure Zero Trust Network Access (ZTNA) for infrastructure and applications running in the customer's private network. Cloud Gateways integrate with enterprise Identity Providers (IDP) to enforce authentication and RBAC for remote user access.

Cloud Gateways are completely managed and deployed in Lumeus Cloud, which is backed by public cloud providers like AWS, Azure and GCP. Customers can pick the Cloud Gateway closest to their application during onboarding.

Cloud Gateways also provide network and security functions like DNS and WAF.

On-prem Gateways

On-prem Gateways run in the customer's private environment. They provide two main functions:

  • Application Ingress: Zero Trust Network Access for remote users to private applications and infrastructure resources. For this, the On-prem Gateway creates a secure TLS tunnel to the Cloud Gateways.

  • Policy Controller: Manages segmentation policies on the local firewalls and appliances. The policies are pulled/pushed from the Lumeus Management Portal. The policies are resolved and programmed on local firewalls based on the discovered endpoints and devices.

On-prem Gateways can be deployed in a virtual or containerized form factor.

In the subsequent sections, we will discuss some of the core functions.
