UPDATED 13:00 EST / APRIL 17 2019

SECURITY

You’re fired: Network-driven security does it better for distributed IT

For many companies, the days of locking data behind monolithic cybersecurity walls are gone. Distributed computing systems and internet of things edge devices are sending data on risky runs around a vast network. This is why some forward-looking companies are staking out the network as the basis for modern security; rather than a wall, it’s like a track lined with safety checks.

The shift toward data-centric business is putting the network at the center of security, according to Dominique Jodoin (pictured), president and chief executive officer of NoviFlow Inc. And ever-evolving threat types require network security that is agile and able to adapt to respond to new attacks. This means that a highly flexible, programmable network is needed to keep data secure, Jodoin pointed out.

It’s apparent that firewalls alone are not going to cut it as systems continue to grow and spread out. A 2016 Forrester Research Inc. survey commissioned by Fortinet Inc. found that 70% of respondents maintained 51 or more firewalls, resulting in a confusing armful of policies to manage.

Programming the network to meet new security challenges is a potent but still nascent defense method, according to Jodoin. Few companies are taking full advantage of network-level security today; however, “With the right network fabric, the right tools to be able to react, they could actually be much more powerful,” he stated. 

Jodoin spoke with Lisa Martin (@LisaMartinTV), host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the Fortinet Accelerate event in Orlando, Florida. They discussed programmable networking’s cybersecurity potential for modern businesses (see the full interview with transcript here). (* Disclosure below.)

This week, theCUBE spotlights NoviFlow in our Startup of the Week feature.

SDN gets a gun and a badge

NoviFlow began its life seven years ago in software-defined programmable networking. It arrive in the cybersecurity space by accident, according to Jodoin. In recent years, some customers began re-purposing NoviFlow networking software for security use cases. NoviFlow discovered this novel application of its product and began work to develop it. The company has partnered with cybersecurity company Fortinet — a proponent of network-driven security — to form integrated solutions.

“Security needs to start converging together with networking,” Ken Xie, founder and CEO of Fortinet recently told theCUBE. “You need to make sure security follows the data — that’s the new trend. That’s where the infrastructure [of] security needs to involve the networking side, the end-point side and the cloud.”

NoviFlow’s pedigree as an edge-of-network specialist makes it well-suited to tackle decentralized IT’s hairy security problems, according to Jodoin. The company has deployed at tier-one telecommunications carriers around the world, including Telstra Corp. Hutchison Holdings Ltd., as well government agencies.

Its work with Fortinet revolves around lightening the load for Fortinet’s security technologies. “We’re not in fact a cybersecurity company. We are really complementing the products of Fortinet by playing upstream and doing a pre-filtering controlled by the policy management of the Fortinet equipment, but nevertheless taking up some of the load so that the equipment can be more efficient,” he said. 

Bringing telecom scale to security

So far, the companies have developed two solutions. The first is a networking solution for large customers transitioning from an existing appliance to new virtualized technology. NoviFlow enables easier scaling for these companies with 100 gigabytes of traffic or more.

“You go from a very powerful appliance, and once you virtualize this appliance, you might end up with 30 different servers running in parallel. You have to have load balancers in front of it. That makes for a very complex and very expensive solution,” Jodoin said.  

The on-demand, integrated solution enables them to adjust the number of virtual machines for whatever cybersecurity job they have to do. If the demand comes down, these VMs are released into the customer’s data centers to fulfill other needs. It is scalable up to 6.5 terabits per second, which is “unheard of,” according to Jodoin.

The second solution is a Carrier Grade Network Address Translation, which also enables easier scaling. “We can scale the Carrier Grade NAT analysis up to 1.6 terabits per second per match,” he said. 

Fabric flexes to meet new security challenges

Besides scale, NoviFlow and Fortinet’s network programmability solutions address baked-in security at the network level. The networks of distributed systems broaden the surface area of attack; they also are giving rise to whole new classes of threats.

“You’ve got to be able to evolve your solution in time as these attacks are evolving,” Jodoin said. “You’ve got to be able to build a cybersecurity network-ready fabric from the bottom-up so that your network is one of the key features to actually stop the attacks.” 

NoviFlow provides pre-processing technology that can blacklist or whitelist incoming data in Fortinet systems. And NoviFlow is one of Fortinet’s 57 “Fabric-Ready” partners. This means its platform can easily adapt Fortinet’s security fabricThe software disaggregated network operating system is also complemented by easy-to-use porting layers. Users can combine Fortinet’s security fabric and NoviFlow’s platform for a security-aware programmable network, Jodoin concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the Fortinet Accelerate event. (* Disclosure: TheCUBE is a paid media partner for Fortinet Accelerate 2019. Neither Fortinet Inc., the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU