Current security methods aren’t doing enough to stop the breaches that can cost the global economy up $400 billion each year, vArmour CEO Tim Eades said in an email to SDNCentral. To counter, vArmour is offering security to protect what it calls the Data Defined Perimeter. Intended for the cloud world, vArmour’s products supposedly help customers better protect data wherever it may reside.
Among other things, vArmour claims it can provide better visibility to help guard enterprises and service providers from attacks that move laterally through the data center. With better visibility and control, companies gain insight into every application, asset, packet, and connection within the data center, and they’re able to expose an attacker’s progression. With this information, vArmour says it can pinpoint an attacker’s entry point and contain the compromised hosts.
After unveiling its product earlier this year to targeted accounts, vArmour gathered feedback, including the answers to two questions:
- Do you have visibility into the east/west traffic flows within your data center?
- Once the bad guys get in (and they are getting in), do you have control and defense capabilities to stop and prevent data breaches?
Eades said the response was a resounding “no” from 100 percent of those polled.
“Security solutions have focused on trying to protect enterprise data centers at the traditional perimeters, and that approach is no longer valid,” Eades said. “Attackers are finding ways past the traditional perimeters by attacking low-profile assets, then moving laterally across the data center to critical enterprise assets to siphon off company and customer data.”
In emphasizing the need to neutralize lateral attacks, vArmour’s approach to data center security sounds similar to that of GuardiCore, an Israel-based company which recently announced a round of funding (also much like vArmour). GuardiCore’s product, Active Honeypot, finds attacks once installed inside the data center and neutralizes threats in real time. It does this by detecting a blocked connection attempt, redirecting the flow to an ambush server, and then allowing an attacker to “succeed” after several failed attempts within a closely monitored environment.
Despite the similarities, Vice President of Product at vArmour Keith Stewart said he hasn’t seen anyone taking the same approach to data center security as vArmour.
“The primary attribute of our system that differentiates it from other companies is its distribution system,” said Stewart. “It gives you three benefits: it’s easier to operate, it’s easier to detect threats because it self correlates, and it enables a consumption model or a cloud economic model. All of these elements make our system strong.”
Both vArmour and GuardiCore agree that traditional security methods are no longer enough to protect companies against the sophisticated attackers that exist today. By using SDN methods and focusing on virtualized networks, both are looking to make strides in data center protection.