It was announced this week that Israeli security startup GuardiCore had closed a round of fundraising to begin production on its new security system designed to internally secure data centers. The technology takes advantage of recent improvements in network virtualization and uses software-defined networking methods to defend data centers operating at multi-terabit rates of traffic.
"SDN is an opportunity to introduce advanced security controls and capabilities into the data center network in a way that can scale to the demands of a large [data center] and offer a dynamic and proactive security control framework, detecting and mitigating an attack at an early stage," said the company in a statement.
A weakness created by modern facilities' tendency to include applications that cross security parameters has been exacerbated by the adoption of intra-data center traffic that moves at multi-terabit levels, according to GuardiCore CEO Pavil Gurvich. The new technology aims to address the increase in cyberattacks committed within a data center that go unnoticed due to insufficient security measures. Traditional methods of defense, including sandboxing, intrusion detection and deep packet inspection, are not capable of keeping pace with the speeds at which data center traffic currently operates.
The first component of this new security system, Active Honeypot, surreptitiously re-routes network traffic to counter attack cybercriminals by sending data to an 'ambush' server. The secret server is highly monitored and is capable of quickly providing information about the attack in order to effectively eliminate the threat. Active Honeypot is currently being evaluated in a variety of data centers and private cloud environments.
The recent round of fundraising was led by Battery Ventures, whose general partner Scott Tobin noted that tracking and eliminating intra-data center threats is the next important skill for the industry to master.
"Traditional security techniques have focused on keeping the bad guys out of the perimeter. GuardiCore's approach assumes you have already been compromised and provides levels of visibility and protection that were previously unattainable," said Tobin.