Data center security startup vArmour has come out of stealth. The company recently raised a $15 million series C after proving itself with several enterprises and service providers, but has not, until now, said what it does.
vArmour says traditional security perimeters have disappeared in the cloud world. While compute, storage and networking have become virtualized, security remains locked in legacy, hardware-centric perimeter models that cannot scale to meet modern business requirements and systems architecture.
The company said its solution provides visibility, control and threat defense across physical, virtual and cloud applications and can easily scale with the infrastructure.
CEO Time Eades said vArmour is not just for discovering, but defending against attacks that evade the traditional security perimeter.
The increasing use of virtualization has benefited IT with cost savings and agility, but it has also caused new avenues for attack that rest outside traditional local-based perimeter security models. Advanced attackers exploit these critical gaps in visibility and control inside the data center.
Virtualization and cloud have changed the nature of traffic flows themselves – 83 percent of traffic now travels “east-west” within the data center, never seen by the traditional perimeter. Attackers often compromise low-profile assets as their initial way into the system.
vArmour is led by former NetScreen, Juniper Networks, Silver Tail Systems, Citrix, Riverbed and IBM executives.
The solution provides:
- Security Visibility into every application, asset, packet and connection in the data center
- Threat Analytics delivered through real-time detection and visualization of laterally moving threats
- Attack Remediation policies to contain compromised hosts and prevent exfiltration
- Policy Control and Enforcement to isolate and control communications between applications, workgroups and tenants
vArmour says it helps an enterprise understand the nature of an attack’s progression across the entire network, showing intent and path, as well as “patient zero,” the initial point of compromise. Through software it provides distributed sensors and enforcement points in a single logical system that scales horizontally. The system provides insight into data center risk profile, as well as the tools to control and prevent breaches without requiring changes to existing policies or IT infrastructure.