Elisity 16.12 Release: Custom Connector Transforms Asset Intelligence, Advanced Policy Controls, and Zscaler ZIA Integration Extend Zero Trust

Empowering Security Teams with Flexible Asset Intelligence and Extended Policy Control

As Product Manager at Elisity, I'm excited to share how our latest 16.12 release addresses three critical challenges our enterprise customers face daily: integrating proprietary asset databases into their microsegmentation strategy, simplifying complex policy management across distributed networks, and extending identity-based policies to cloud security platforms. These enhancements reflect direct feedback from customers managing tens of thousands of devices across manufacturing floors, healthcare systems, and distributed enterprises. Today's release continues our mission to make microsegmentation achievable in weeks, not years, while providing the flexibility and intelligence security teams need to protect their unique environments.

Elisity IdentityGraph™ Custom Connector: Your Data, Your Way

Eliminate Middleware Complexity While Preserving Your Existing Asset Intelligence Investments

The Elisity Custom Connector is fully embedded in Cloud Control Center, enabling seamless management without external dependencies. It scales to millions of devices and supports multiple simultaneous connector instances, providing the flexibility required for large, dynamic environments. All device attribute data—whether standard or custom—can be leveraged to inject context directly into Elisity policy definitions, ensuring precision and adaptability in access control. The connector can be fully populated via the intuitive UI or through APIs, giving organizations the choice of streamlined configuration or programmatic automation.

Why We Built This

Many of our customers have invested years building comprehensive asset databases tailored to their specific operational requirements. Manufacturing organizations maintain detailed OT device inventories with custom attributes for production lines and safety systems. Healthcare institutions track IoMT devices with specialized compliance fields and patient care classifications. These databases contain invaluable context that traditional microsegmentation solutions cannot leverage without complex, brittle integrations.

The Elisity Custom Connector addresses this challenge by providing a flexible, API-based integration framework that adapts to your data schema rather than forcing you to conform to rigid vendor requirements. Whether you're importing data via CSV or from your databases, the custom connector can ingest device attribute data from ANY third-party application that supports exporting the data into XLSX format for initial deployment or establishing real-time API synchronization for dynamic environments. The Elisity Custom Connector ensures your institutional knowledge enhances every policy decision.

Technical Implementation That Scales

Advanced features like configurable match order, MAC address format normalization, and intelligent data purging ensure reliable synchronization even in complex environments with ephemeral devices.

What excites me most about this feature is how it democratizes asset enrichment. You're no longer dependent on vendor-specific connectors or waiting for integration roadmap priorities. If you have the data, you can now leverage it immediately within Elisity's policy engine, accelerating your journey to comprehensive microsegmentation.

Intelligent Policy Management: From Suggestions to Cross-Zone Orchestration

Transform Complex Policy Decisions into Confident, Data-Driven Actions

The 16.12 release introduces multiple policy enhancements that address the realities of managing microsegmentation at enterprise scale. These improvements reflect lessons learned from customers securing hundreds of sites with diverse network architectures and compliance requirements.

Enhanced Policy Group Suggestions with Complete Asset Coverage

The improved Policy Group Suggestions workflow now considers all unassigned devices, even when Elisity's native classification differs from connector data. This seemingly simple change has profound implications for policy accuracy. Security teams no longer miss devices that fall between classification gaps, ensuring complete attack surface coverage. The addition of configurable time ranges (7, 15, or 30 days) allows you to align suggestion windows with your change management cycles and compliance review periods.

Cross-DZ Policy Evaluation with ITD Awareness

For enterprises with distributed architectures, the new Policy Evaluator support for Intelligent Tag Distribution (ITD) between Distribution Zones (DZ) eliminates a significant source of policy troubleshooting complexity. When evaluating why specific traffic flows are blocked or allowed, the evaluator now automatically identifies source and destination Elisity Virtual Edge Nodes, their associated DZs, and whether ITD is properly configured between zones.

This enhancement emerged from customer feedback about the challenges of managing policies across manufacturing facilities, branch offices, and data centers. Security architects can now quickly determine whether missing ITD configurations are preventing policy enforcement, reducing troubleshooting time from hours to minutes.

Granular Match Visibility and Site Label Tag Support

The enhanced match visibility in Policy Groups now displays match counts per criteria block, not just total matches. Combined with new Site Label Tag matching capabilities, security teams gain unprecedented flexibility in defining and validating policy logic. You can now create policies that dynamically adapt based on site characteristics—critical for organizations managing diverse locations with varying security requirements.

Zscaler ZIA Integration: Extending Identity-Based Policies to Cloud Security

Unified Policy Orchestration Across Network and Cloud Security Platforms

The native Zscaler Internet Access (ZIA) integration represents a significant milestone in our platform evolution, enabling Elisity's identity-based segmentation policies to extend seamlessly into an organization's Security Services Edge.

Bridging the Network-Cloud Security Gap

Traditional microsegmentation stops at the network edge, creating policy inconsistencies when users and devices access public resources outside of an organization. The new Security Platform Elisity Virtual Edge Node type for Zscaler ZIA changes this paradigm. Policy Groups defined in Elisity are automatically published to ZIA as Address Groups, allowing organizations to ensure consistent identity-aware access control whether traffic flows east-west within your network or north-south to cloud services.

This integration is particularly powerful for organizations adopting SSE architectures. Your investment in defining granular, identity-based policies within Elisity now extends to internet services enforcement, reducing the complexity of policy sets across platforms. Manufacturing companies can ensure that OT devices accessing cloud-based SCADA systems maintain the same strict access controls. Healthcare organizations can enforce consistent policies for IoMT devices whether they're communicating within the hospital network or with cloud-based patient monitoring platforms.

Operational Simplicity at Scale

What makes this integration truly valuable is its operational simplicity. There's no complex policy translation or manual synchronization. Policy Groups published to ZIA maintain their identity-based context, and changes in Elisity automatically propagate to your cloud security platform. This unified approach reduces policy management overhead while ensuring security policies remain consistent across your entire digital infrastructure.

Additional Enhancements: The Details Matter

Beyond these headline features, 16.12 includes numerous enhancements that improve daily operations:

• Packet Count Metrics: Now visible across all traffic and policy views, providing crucial visibility for low-volume and denied flows
• Unified Analytics Tab: Streamlined Device Details interface combining Sankey diagrams and traffic records
• First/Last Seen Timestamps: Distinguish between one-time events and persistent communications without complex time-series analysis
• Enhanced AD Integration Visibility: Domain controller status and domain associations visible directly in the interface

Looking Forward: Your Feedback Drives Our Innovation

The 16.12 release exemplifies our commitment to customer-driven innovation. Every major feature addresses specific challenges you've shared with us. The Custom Connector eliminates integration barriers. Enhanced policy intelligence reduces operational complexity. For those of you with Zscaler ZIA, this new support extends your security architecture into the cloud.

Access Complete Technical Documentation

For detailed implementation guides and technical specifications, access the 16.12 Release Notes in the Elisity Knowledge Base (customers and partners only).

Experience These Features Today

Ready to leverage these new capabilities? Request a conversation or demo to see how Elisity can transform your network security architecture.