Security startup NetCitadel made its debut as a company on Tuesday, along with launching the OneControl Security Orchestration Platform, its answer to making existing security infrastructure more intelligent and responsive.
Using OneControl, customers can make network security policy changes across cloud, virtual and physical environments in minutes rather than days or weeks, the company said.
With OneControl, NetCitadel hopes to help organizations address gaps in cloud, virtual and physical networks.
The OneControl Security Orchestration Platform utilizes a virtual appliance that automatically orchestrates security intelligence by mapping context about cloud, virtual and physical environments to a wide range of security infrastructure and vendor devices.
The platform separates the control plane from Policy Enforcement Points (PEPs), transforming existing security infrastructure into a context-aware environment, NetCitadel said.
Intelligence can be gathered about workloads from sources including VMware vCenter and Amazon AWS to security infrastructure such as Cisco ASA and Juniper SRX devices.
“Security policies must shift from hardware-based attributes to logical and context-based attributes, such as applications, virtual machine (VM) identities, user or group identities, and sensitivity of content,” Neil MacDonald, principal analyst at Gartner wrote in a recent report. “A common misconception with the shift to software-defined security is that all security controls must move to software. For security, the primary goal must be to ensure that the appropriate security controls automatically remain in place, regardless of where an application moves, whether on-premises or to public clouds, and without requiring re-architecting security controls.”
According to Gartner, “Through 2018, more than 95 percent of firewall breaches will be caused by misconfigurations, not firewall flaws.”
As SecurityWeek columnist Nimmy Reichenberg noted in a recent column, change is the norm for most security teams, but security change management is often handled poorly by most organizations.
“In some cases, it is ‘just’ inefficient and slow, further contributing to the security department’s reputation of interfering with the business,” Reichenberg explained. “In other cases it is error-prone, exposing the organization to risks from changes that were executed incorrectly or even causing network outages that can damage the company’s revenue and reputation.”
OneControl hopes to address some of these concerns by helping administrators implement a consistent and accurate security policy across heterogeneous environments no matter where the workload is created.
The OneControl virtual appliance supports modular security options, including the Virtual Security Module and the Cloud Security Module that are sold as add-ons, the company said, with optional Virtual Security Module that enables tracking of virtualization environments. Another optional module, the Cloud Security Module, enables tracking of cloud environments, including VMware vCloud Director and Amazon AWS, and maps this information to network security infrastructure. More modules are expected later in 2013, the company said.
“This new approach of adding centralized, context-aware intelligence at the right places in existing network security infrastructure ensures that organizations can remain secure and agile as they keep up with the ever-changing business requirements that virtual and cloud environments create,” said Anthony James, NetCitadel VP of Marketing. “With OneControl, for the first time organizations have the right security controls at the right place and at the right time to best serve their growing business needs.”
The OneControl Security Orchestration Platform is available immediately, with pricing starting at $25,000 for up to 25 security devices. Pricing for the Virtual Security Module and Cloud Security Module starts at $5,000 each.
NetCitadel was founded in 2010 in Mountain View, California, by CEO Mike Horn (formerly of Level 3 and Virtela); CTO Theron Tock (formerly of Neoteris/Juniper and Healtheon/WebMD); and Chief Engineer Vadim Kurland (formerly of Google and Healtheon/WebMD). The company is venture backed with an undisclosed amount in a Series A round of funding led by NEA.