The round includes new investors Cisco and Presidio Ventures joining all of Embrane’s previous venture investors: Lightspeed Venture Partners, New Enterprise Associates (NEA) and North Bridge Venture Partners.
The money could give Embrane extra time to cultivate its market. Its technology can be used for service chaining, creating a “container” for the Layer 4-7 functions needed by a particular application. Every time the application is launched, the appropriate container could be launched as well — and if the application’s virtual machine moves, the container could react accordingly.
Everyone seems to agree that service chaining is important and that security (which is part of the “Layer 4-7” catch-all term) is a pressing issue within SDN. Even so, traction in the market seems to be coming along slowly for Embrane.
SDN and Security Partnerships
It might be more important, then, that Embrane is announcing two partners: Cisco and Sourcefire. Yes, it’s true that Cisco acquired Sourcefire, but these partnerships were being forged separately, before that deal closed, says Dante Malagrinò, Embrane’s CEO.
Embrane’s containers will now be able to include Cisco’s Adaptive Security Virtual Appliance (ASAv) and Sourcefire’s virtual appliances for intrusion detection and prevention, an area Embrane’s own virtual appliances don’t cover. And in the other direction, Cisco/Sourcefire can bring heleos in as a service-chaining option for their customers, potentially expanding Embrane’s sales reach.
Embrane has been saying it intends to let other vendors offer some of the Layer 4-7 functions that heleos works with, and the partnerships are the first evidence of that strategy at work.
So, what exactly can Embrane do for an existing Cisco/Sourcefire customer? It comes down to the details of automated configuration and setup. “Lifecycle management” is the phrase Embrane has started using for this.
Configuring a virtual appliance is more complex than the rack-and-stack routine of the physical world, partly because there are some additional steps. The concept of location is less straightforward than for a physical appliance, and there’s the matter of uploading and licensing the images of the functions you want, Malagrinò says.
“There are a lot of tasks we completely automate that have nothing to do with managing the policies of the device. They’re about managing the existence of the device,” he says.
It’s analogous to the way server virtualization made server configuration more complex, because suddenly you had a fluid number of machines sharing a server, Malagrinò says. “There was a period of time in IT when the big problem was dealing with virtualization sprawl,” and the network is about to go through the same experience, he says.