Virtualization of IT, from servers to networks, is giving rise to the need for a new breed of security, different from the current security solutions that are tailored for traditional data centers and networks. Israeli security startup GuardiCore raised $11 million in a Series A funding round, and another company working in the field, called vArmour, raised a $15 million Series C.
Both companies are addressing increasing and changing security needs that come with virtualization. Both argue that traditional security methods don’t address the rapid evolution of data center architecture.
The rise of the software-defined data center means traffic rates within the data center are climbing, and current security solutions are tailored for traditional data centers and networks.
Virtualization means more software and data is packed into a single server. Its tougher to protect files and locate intruders due to the file’s location being more tenuous than with traditional, physical data center infrastructure.
vArmour secures data-defined perimeter
vAmour is taking an entirely software-based approach to securing the increasingly virtualized data center and cloud environments.
As massive, growing amounts of data continue to be distributed on a global scale, security controls need to move deep into the data center and be as dynamic as the applications and data they protect. There, at the “data-defined perimeter,” vArmour provides needed protection dynamically and securely by giving enterprises instant visibility and control of their east-west traffic flows for both old and new data center architectures.
Former Palo Alto Networks CEOs, Dave Stevens and Lane Bess, also recently joined vArmour’s board.
“Virtualization is driving a revolutionary change in architecture across the data center,” Stevens said. “Enterprises are simply not able to use legacy security and networking technologies to protect today’s highly virtualized environments. The vArmour team has been able to design a solution, unencumbered by legacy thinking or technological trappings, that meets these challenges in a radically new and more effective way. I fully expect them to reform how enterprises protect their new, data defined perimeter in today’s reality of pervasive virtualization, constant threats and ongoing security breaches.”
vAmour has raised $36 million to date, previously raising a $15 million Series B in December 2013. Columbus Nova Technology Partners, Citi Ventures and Work-Bench Ventures led the latest round while the previous round was led by Menlo Ventures.
GuardiCore sets up an ‘ambush’ server
Guardicore’s first platform component is called Active Honeypot. It dynamically reroutes traffic without the attacker knowing to a highly monitored stealth “ambush” server. It then provides insights into the nature of the attack. The company is currently testing the technology with some potential customers.
“GuardiCore is developing a completely new breed of network security,” said CEO Pavel Gurvich. “Powered by software-defined networking methodologies and recent advances in virtualization, our solution is scalable to multi-terabit traffic rates.”
GuardiCore’s founders Gurvich and Ariel Zeitlin are both veterans of Israeli Defense Forces’ technology units.
Architectural changes in data centers have led to an explosion of intra-data center (east-west) traffic at terabit levels. GuardiCore says that state-of-the art security techniques such as IDS, IPS, sandboxing, deep packet inspection and threat emulation, cannot scale to these data traffic rates and are therefore largely considered to be impossible to apply inside data centers. GuardiCore makes these security techniques scalable to keep pace with data traffic.
“As the data center evolves to a more software-defined model, enterprises need to think about security in radically different ways,” noted Scott Tobin, general partner, Battery Ventures. “Traditional security techniques have focused on keeping the bad guys out of the perimeter. But as we’ve seen in recent high-profile security breaches, these methods are far from complete. GuardiCore’s approach assumes you have already been compromised and provides levels of visibility and protection that were previously unattainable.”
GuardiCore’s investment round was led by Battery Ventures, with participation from Greylock IL, an affiliate fund of Greylock partners, as well as undisclosed strategic partners.