Today is an exciting day for our company – we announced our network security platform and a $14m funding round. Now that we’re out of stealth mode, I’d like to take this opportunity to write a little about the team, the problem we’re trying to solve for the enterprise, and a bit on how we’ve chosen to solve it.
The team has a strong infrastructure and security background – we have people that have built networking platforms, security platforms, and cloud platforms. These platforms generated billions of dollars in revenue, and more importantly, have been deployed in tens of thousands of enterprises. The other important thing is that some of these platforms included high performance packet pipelines, and made the move of separating control and data planes – more on that in a minute. Armed with this experience, we have a unique ability to figure out how to bring security out of the appliance and into the cloud.
The Problem. Or, What’s Happening in the Enterprise?
When you start a company, you talk with a lot of potential customers. We found this nagging issue – the cloud is agile, the cloud infrastructure is secure…but enterprises weren’t adopting as fast as expected. Why? While the cloud is secure, much of that security is to protect the cloud platform – not the enterprise app running on it. So organizations brought their favorite on-prem network security to the cloud, and discovered they had to choose: they could be agile OR secure. Because it’s box-based security (even virtual appliances are still plumbed in statically), security isn’t as dynamic as the applications are. Sure, there are scripting options that try to make that plumbing dynamic, but the folks we spoke with weren’t fans of scripted automation that breaks with scale, change, or multiple regions/clouds – they want a solution architected for purpose. Of course, there’s always the other option – let apps be agile and forget about security. Compounding this set of issues was the way enterprises started using the cloud – adoption was often decentralized, with multiple VPCs, accounts and even cloud providers – so security teams often have no idea which apps are out there to secure. Finally, many of the appliance ports from specialized security hardware performed poorly in a cloud environment.
We liked this problem. We liked the idea of offering a solution to enterprises that would enable them to adopt cloud as quickly as they wanted to. The more we dug in, the more we found that offering a cloud-native network security capability (one that offered enterprises a third choice – agility AND security) was very appealing to enterprises. So we built it.
Solving the Problem – Cloud Native Network Security
The first thing we did was to scope the key elements of the problem: what/where are the apps we need to secure, how do we ensure app traffic passes through security, and how do we enforce the right network security policy for that traffic. In other words:
- App discovery and visibility
- Network security plumbing
- Network security enforcement
The second thing we did was focus on the architectural elements – the platform had to be:
- Cloud native – automatic application detection and visibility, automatic scale up/down, essentially everything one would expect in a cloud service.
- Unified – secure apps across multiple clouds, and do so across multiple security functions. This applies both to a single policy that follows apps as they scale or move across regions or clouds, but also to the information coming out of the platform – a single feed across functions (i.e., no correlation needed).
- High performance – network security is inline, so it has to perform. Throughput, latency, and availability matter. But in the cloud, so does the ability to adapt to change. Here’s where being cloud native really helps.
When we built the platform, the difference between the control plane and the data plane stood out. The control plane had to see and initiate security across all potential silos. The data plane, though, is an infrastructure component, and takes advantage of CSP-specific advanced compute to maximize performance and minimize latency. Which meant building an abstraction layer to normalize between the two. The control plane thinks globally, the data plane acts locally.
So the benefits revolve around simple and automatic network security.
Perhaps the most exciting thing about our platform for me personally is that customers are seeing value. Backcountry.com’s Leo Mata – who manages tech ops and infosec – noted that Valtix automatically applies the right security to apps. Which is exactly what we were shooting for when we built the platform.
The Journey Begins
So this is what we’ve been up to – solving a problem for enterprises that impacts their ability to move to the cloud. You will hear more from us about this problem, our platform, and our customers – but in the meantime check out our new website and let us know what you think!
Thanks for reading!