Meta NaaS Provides a Software-defined Virtual ‘Overlay’ to Existing Disjointed Physical Networks
Emerging from stealth with $10 million in seed funding led by Vertex Ventures and the BRM Group, Tel Aviv-based Meta Networks has launched Meta NaaS — a secure software-defined virtual private network aimed at redefining the concept of distributed, cloud-employing corporate networks.
The advent of public and private cloud services and offerings, together with the growth of mobile computing and remote working, plus the tendency for most companies to combine all of these with their own on-premise resources has had one major and well-recognized effect: there is no longer a physical network perimeter that can be defined and protected. Solutions generally require point products for every device, aimed at protecting the device and its communication to other parts of the network. This rapidly becomes very complex with multiple points of possible failure.
Meta NaaS provides a software-defined virtual ‘overlay’ to existing disjointed physical networks. It is user-centric, draws on the principle of zero-trust, and brings together all aspects of remote users, mobile devices, separate branch offices, on premise data centers and cloud apps within one single software-defined overlay. It creates a new perimeter in the cloud.
Like Google’s BeyondCorp, the user is key. Every user device is given a unique permanent identity at the packet level, but is also given access to an always-on virtual private network (VPN). A global distribution of PoPs ensures high performance in accessing and using the VPN from any location, and all corporate traffic from corporate users is securely sent to the NaaS before being delivered to its destination. This includes both internal resources and internet traffic — and security is handled in the NaaS rather than at the device.
“It’s worldwide,” Etay Bogner, CEO and founder of Meta Networks, told SecurityWeek. “You don’t have to install any appliances. You connect separate offices through their existing routers. On top of the network we are deploying best network security. So instead of having the firewall deployed as an appliance in a specific physical location, we have the firewall functionality within the cloud in every one of the PoPs, and we apply security at those locations.”
The effect is to provide security in even hostile environments — mobile employees working in internet cafes or airport waiting lounges are as secure and productive as if they were still in the office.
Meta NaaS interoperates with other cloud-delivered security solutions, supporting a best-breeds security stack for the enterprise. It delivers identity-based policy routing and packet-level identity verification; and since it is cloud-based, it promises cloud advantages: agility, scalability and cloud economics.
“Meta NaaS is a new zero-trust paradigm for the ‘virtual private network’ that revolves around users rather than physical topology. This shift enables enterprises to effectively restore the perimeter by protecting all employee traffic — both corporate and internet — all of the time,” said Bogner. “What elevates our technology is the cloud-native global backbone and the comprehensive, identity-based network security architecture designed to support millions of users efficiently.”
“Meta NaaS is built around network users, not a physical business location,” comments Ramon Snir, senior developer at Dynamic Yield, an existing customer. This is an advantageous approach for organizations like ours that have applications in data centers and clouds around the world, as well as an increasingly mobile workforce.”
Bogner is keen to stress that this is not a new rip and replace technology. “Enterprises already have existing investment in on premise security. That doesn’t have to be ripped out,” he told SecurityWeek. But at the same time, when licenses lapse, they don’t have to be replaced. Meta NaaS provides a road map towards a cloud-only security policy.
“Over time,” added Amy Arie, Meta Networks’ CMO, “the NaaS will offer greater security at lower cost.”
The concept can be seen in its implementation by MyHeritage. The firm has 100 sales reps around the world, with applications housed in two data centers on different continents. Without Meta Naas, this required VPNs in each data center and an IT overhead in maintaining 100 clients — and for the reps to understand which data center they needed. With Meta NaaS it is a single connection to the NaaS. The VPN is always operational, and access policies are maintained in the NaaS.
“Compared to managing VPNs in each of our data centers,” said Moshe Magal, IT team leader at MyHeritage, “the Meta NaaS solution is much simpler and more convenient both for our IT team and our users.”
Meta Networks is the fourth firm founded by serial entrepreneur, Etay Bogner. His first was SofaWare, a network security vendor that was ultimately acquired by Check Point Software. The second was Neocleus, a virtualization vendor acquired by Intel. The third is Stratoscale, an AWS compatible infrastructure and services firm.
Related: Cloud Security Alliance Releases Update to Software Defined Perimeter (SDP)
Related: Security Challenges of SDN and Cloud: The Critical Role of Visibility
Related: This is How Google Secures Devices for Its 61,000 Employees