Online security breaches are all over the news today—giant companies ranging from Target to eBay have been hacked. It proves that so-called “perimeter” security, or trying to set up firewalls to prevent intrusions, is no longer enough to protect most companies. Given the sophistication of modern attacks, enterprises must shift their posture to assume they have already been breached by actors who have legitimate credentials. Put another way: The bad guys are already inside you.
At the same time, the distributed nature of modern applications running inside data centers has shifted traffic patterns to the point where, in many cases, 80%-90% of network traffic is internal, so-called “East/West” traffic—not data moving in and out of the network. Yet today, the vast majority network security dollars are still spent on blocking nefarious traffic from the outside.
This is why I’m excited about Battery’s new partnership with security company GuardiCore. The company, staffed by veterans of the Israeli army’s top cybersecurity units, is I feel well positioned to create an important new platform for data-center security that addresses this problem.
GuardiCore’s solution leverages advances in modern data-center networking to access and analyze the massive volume of a company’s internal data traffic and re-direct it if necessary. The ability to affect the path of individual data requests is a key element underpinning the first application on the company’s platform, the Active Honeypot. This application has already been validated with H-P’s networking team. While the H-P use case leverages an Openflow Controller, the GuardiCore technology has been designed from inception to work equally well in SDN and traditional networking environments.
The Active Honeypot is just the first application on the GuardiCore platform. The company will be launching a suite of other applications that the industry had previously thought to be too computationally expensive to use on the high volume of internal data-center traffic.
Going back as far as Altor Networks, which was acquired by Juniper in 2010, there have been some efforts around host-based security for datacenters. Of course VMware has also been innovating in this space with products like V-Shield Edge, while a new class of start-ups including Embrane, Varmour, Javelin Networks, Vexata and others are thinking through new approaches to data-center security. We believe that GuardiCore has a differentiated approach, and we are looking forward to working together with this team in the coming years as the the company strives to add new layer of security to the modern data center.
For a full list of Battery’s investments, please click here.
Alex Benik is a partner in Battery Ventures’ Boston office.