Companies used to assume that computing infrastructures would remain on-premises before eventually moving over completely to the cloud. That assumption has been proved false, as more organizations recognize the need for a hybrid cloud. This could be for regulatory reasons—the financial and health care sectors, for example, might be required to keep some of their workloads on data centers—or other concerns.
The hybrid comes with a unique set of security challenges. How do you maintain a consistent network policy without losing the visibility and control of your workloads? Guardicore, a Tel Aviv-based cyber security company, focuses on micro-segmentation and breach detection for the hybrid cloud. “If you have workloads on prem or in the cloud, we’re able to provide you a security layer across all of these workloads,” says Igor Livshitz, Guardicore’s senior director of product.
Livshitz used to see organizations trying to solve their myriad network security needs through multiple products, because at one point, that’s all the market offered. “They understood along the way that where you have multiple solutions […] you actually create a lot of overhead for your teams,” Livshitz says. “And what we are seeing today—not only [in] network security, but in many other areas of security—we see a convergence.” Instead of buying and using 20 tools, organizations want to use a limited number of tools that enable them to do more work, reducing the amount of time wasted on managing tools.
Guardicore distinguishes itself by offering one solution, to create one security policy across all workloads, meeting the need for consistent visibility and control. Livshitz and his team know that when it comes to hybrid network security, less is more.
“We have a management system that talks to an aggregation layer, […] which talks to the agents deployed on the different workloads,” Livshitz explains. “And usually what we do is […] use AWS to host the management tiers and sometimes the aggregation layer, as well.”
The company’s current focus is on enabling different micro-segmentation scenarios and moving its capabilities forward in the container and serverless ecosystems. Livshitz and his team are looking to provide a security solution for bare metal, Virtual Machines (VMs), serverless platforms like Lambda, and more. The era of cloud nativity is still a little ways off, but it’s coming—Livshitz is sure of that.
“Even though it’s still a small portion of existing data centers, especially for the more conservative organizations […] it’s going to be more and more important as time goes [on],” he says.
Livshitz says Guardicore’s sweet spot is “medium-large enterprises that […] already have established data centers but also are moving to the cloud and looking to enlarge their cloud deployments.” The last AWS conference the team attended saw the largest booking of accounts ever—a success he attributes to the enormous push to adopt cloud computing.
“It was really slow for many years because people didn’t know how to handle it. And I think that both devops and security have come to a good place where people are starting to feel very comfortable with moving their workloads to the cloud,” he says.
So comfortable, in fact, that even many of Guardicore’s banking customers—traditionally among their most conservative—are moving to the cloud. Livshitz views this a sea change. He says, “I think it’s a great sign that people are really starting to adopt cloud on a massive level.”
from AWS Startups Blog