By Dr. Ratinder Paul Singh Ahuja, Chairman of the Board & Chief R&D Officer, ShieldX Networks
Securing Cloud-Generation Data Centers
As many firms transition their data centers into the cloud and/or heavily virtualized environments, the old practice of securing the perimeter from North-South data flows simply doesn’t work. According to Gartner, by “2025, 80% of enterprises will have shut down their traditional data center, versus 10% today.” Security, infrastructure and operations professionals need a new approach to network security for this overwhelming increase of East-West traffic where discovery, visibility, compliance, and enforcement become impossible.
Available approaches such as agents and virtual firewalls fail on several critical fronts. Only ShieldX can deliver a new network security platform providing automated policy generation, visibility, and controls for Layers 3-7, micro-segmentation with the click of a mouse and scalability across the multi-cloud.
Forward-thinking enterprises require a new technology to help IT and security deliver secure, agile services leveraging the promise of cloud economics. Cloud migration is happening fast—yet CISOs still need to maintain vigilance and control. And they must do it facing a significant skills gap both in the cloud and network security. With ShieldX, enterprises leverage a cloud-native and microservices architecture to discover, automate and secure any workload, making the digital transformation with Zero Trust one of the easiest things to implement in the cloud.
With ShieldX, infrastructure teams:
- Won’t add environmental complexity
- Set and forget with a quick time to deploy and virtually no long-term maintenance
- Don’t require incremental resourcing
ShieldX Brings Cloud Generation Security to Multi-Cloud Data Centers
The ShieldX Elastic Security Platform was built to secure modern, multi-cloud data centers. It dynamically scales to deliver comprehensive and consistent security policies and controls to protect data centers, cloud infrastructure, applications and data, no matter where they are or where they go—to make the cloud more secure than on-premise deployments. ShieldX is the only cloud-native security platform that continuously discovers workloads, identifies risk, and enforces security policies for Amazon Web Services (AWS), Azure, and VMware in your multi-cloud environments.
Agentless Approach to Data Center Security. According to Forrester, the average cloud workload contains 20 agents, creating a management headache. Agent-based approaches are extremely difficult to operationalize, costing time and money for each instance. To make matters worse, agent-based solutions for micro-segmentation don’t actually perform security—they merely manage IP tables in hosts. And they cannot provide visibility unless deployed a priori.
ShieldX, on the other hand, provides a frictionless means to discover, automate, and microsegment all the way to Layer 7, providing visibility, security policy generation and controls within minutes of deployment. ShieldX sits at the network layer to discover all workloads and applications without needing to install a burdensome agent. ShieldX provides visibility without an agent. Enterprises can now execute micro-segmentation and other cloud security initiatives quickly and efficiently, without needing to know where to deploy thousands if not hundreds of thousands of agents.
Visibility into Cloud Workloads, Threats and Vulnerabilities. With ShieldX, CISOs and CIOs can manage network security consistently across each cloud platform, creating one single console view. ShieldX continuously discovers all workloads in your multi-cloud environment, shining the light of visibility on your data center with a multi-tier, application-centric view across networks, virtual switches, distributed virtual switches, virtual private clouds, vNets, subnets, workloads, tags and much more. Then, ShieldX generates a mathematically precise set of policies and associated threat controls to provide visibility, threat prevention, micro-segmentation, and security enforcement to eliminate the risk of flat networks. Using deep packet inspection, ShieldX investigates and classifies cloud traffic to understand attack surfaces. Finally, by integrating with vulnerability scanners, ShieldX assesses vulnerabilities and classifies data at rest as well as data in motion.
Intent-Based Automation. The ShieldX Adaptive Intention Engine quickly and effectively models relationships and entities to produce a visual application connectivity graph, allowing administrators a clear picture of their traffic dynamics over time to pinpoint potential issues. Our Elastic Security Platform then suggests a security policy based on the application connectivity model, which administrators can change and tune. For the initial setup, the automated policy recommendation dramatically decreases the time to value for our Elastic Security Platform, allowing organizations to implement policies and protect resources in hours, not weeks. After implementation, ShieldX continuously and instantly updates policies and controls based on security intention.
A Full-Stack of Security Controls. ShieldX provides comprehensive security controls that go beyond basic network ACLs. Because ShieldX uses a holistic set of mitigations to keep the workload secure, a true defense-in-depth model for each micro-segment is deployed, and multiple mitigation layers defend the attack surface intuitively, in unison, and with a layered approach. Controls include microsegmentation, URL filtering, malware detection, and IPS/IDS.
Deploys a Zero-Trust Networking Architecture. ShieldX plays a key role in facilitating zero-trust networking. Microsegmentation combined with Layer 7 inspection and adaptive controls ensures only trusted users and applications can access specific systems and data while extending the concept of zero-trust across all OSI layers. ShieldX delivers:
- Application-level visibility
- Automated network security policy
- Automated threat prevention security policies
- Automated control deployment
Elastic Scaling with Cloud-Native Microservices-Based Architectures. Unlike other options on the market, ShieldX uses cloud-native, containerized microservices to automatically scale elastically to any sized environment without suffering from performance degradation or reduced security. For example, when using a legacy virtual firewall, more TLS implementations could require the purchase and deployment of more full firewall licenses just for the expansion of that one feature. ShieldX, on the other hand, simply scales up the TLS microservice to whatever level is needed. This groundbreaking innovation provides an unparalleled ability to deploy security controls where and when they are needed, at any scale, without compromise.
Benefits
Slam the brakes on costs. ShieldX provides a single point of management for multi-cloud data centers to eliminate manual processes, control sprawl, and minimize ongoing maintenance requirements. Also, with ShieldX’s automated policy generation and orchestration, enterprises easily avoid costly misconfigurations.
Stop wasting time. Manual policy generation is as mundane as it is time-consuming. With ShieldX, security teams leverage automatic security policy generation to eliminate this tedious task and put that regained time to better use.
No more risky business. Maintain vigilance over cloud operations and workflows, reducing risk through a stronger security posture and more effective controls. With ShieldX, enterprises won’t worry as much about imprecise policies or controls, or undetected changes stemming from separation of DevOps and security. Using continuous discovery and visibility into workloads, applications and data, enterprises mitigate the risks associated with flat networks and vulnerable systems across the East-West axis. This allows security teams to automatically protect multi-cloud data centers from ransomware and misconfigurations that result in data loss.
Elasticity That Scales with Your Business. Scale elastically to your business needs—seen and unforeseen—with comprehensive and consistent controls that protect your applications and data, no matter where they are, where they go, or how busy you get. With ShieldX’s containerized microservices architecture, you can enjoy a cloud-native security solution that works the way cloud tools are supposed to.
Learn more about us at https://www.shieldx.com
About the Author
Dr. Ratinder Paul Singh Ahuja, Founder and Chief Research and Development Officer
Ratinder leads ShieldX and its mission as its central pivot point, drawing from a career as a successful serial entrepreneur and corporate leader, bringing with him his unique blend of business acumen, industry network, and deep technical knowledge.
His previous three founded startups, Internet Junction, Web stacks and Reconnex were acquired by Cisco Systems, Extreme Networks, and McAfee, respectively, where he subsequently served as Chief Technology Officer and Vice President of the Mobile and Network Security Business Units. His knowledge of innovation and emerging trends in networking, network security, and data loss prevention is derived from years of industry experience. Dr. Ahuja holds a BS in Electronics & Electrical Engineering from Thapar University in India and a Master’s and Ph.D. in Computer Engineering from Iowa State University. Dr. Ahuja has been granted 37 patents for security-based technologies and has presented in many public forums including the Content Protection Summit, IC3, IEEE Computer Society, McAfee FOCUS and the Cloud Expo.
Beyond his passion for technology and building new and exciting companies, Ratinder is a car enthusiast and a TaeKwonDo Master, with a 6th Degree Black Belt, practicing QiGong and weight training.