Edgewise Networks has emerged from stealth mode with an approach to network security that is says fixes the biggest problem in firewalls: their reliance on IP addresses, the basic identifier for computing devices.

Edgewise’s approach instead works at the application layer, allowing only trusted applications to communicate over approved network paths. The company said its approach eliminates 98 percent of the typical network attack surface.

“Firewalls don’t stop attacks,” said Harry Sverdlove, Edgewise’s chief technology officer. “The perimeter is fortified but inside the perimeter is open.” As a result, intruders can spend up to 200 days inside a network before detection, a metric called “dwell time.”

Edgewise’s Trusted Application Networking approach prevents network-borne threats from progressing by validating the identity of application software rather than the IP address. The company said this technique prevents malicious actors from piggybacking on firewall policies, propagating through internal networks and compromising applications.

“A firewall draws a circle around a set of addresses and says only they can communicate with each other. We draw a circle around a group of software and say only this software is allowed to communicate,” Sverdlove said. “A web server may talk to this app server and only this app server.”

The software uses machine learning to scan a network build a rule set of trusted applications, which can then be managed with policies. Edgewise says its policy set is so efficient that the system can manage 13,000 connections with just 180 policies. “You just click on what you want to protect,” Sverdlove said. Experts can optionally drill down to see application-centric policies described in natural language. Application services are protected whether deployed on-premises or in the cloud.

The software is delivered as a cloud-based hosted system with an endpoint component that’s installed on the virtual machines and physical servers to be managed. Currently in private beta test, its general availability is scheduled for early in the fourth quarter.

Boston-based Edgewise has raised unspecified funding from .406 Ventures, Accomplice and Pillar Companies, along with private investments by chief executives of several security companies.

Image: Pixabay