12:00 PM
Dark Reading
Dark Reading
Products and Releases

Pertino Brings Zero-Trust Networking to the Wide Area Network

Pertino Combines Secure Overlays, Network Virtualization And Multi-Layer Authentication To Address The Network Security Challenges Of Distributed Workforces And Workloads

LOS GATOS, Calif. – April 9, 2015 – Pertino, a company reinventing networking for the mobile and cloud era, today announced an extension of its Cloud Network Engine security foundation that brings zero-trust networking to the WAN and addresses the network security challenges of distributed workforces and workloads within the enterprise. Pertino combines secure overlays, virtualization and new Multi-Layer Authentication (MLA) capabilities to enable enterprises to extend zero-trust networking over the Internet to remote and mobile devices, virtual machines (VMs), Docker containers, and even IP-connected devices like kiosks and industrial controls.

According to Cisco’s 2014 Global Cloud Index, enterprise cloud IP traffic will more than triple from 2013 to 2018 to reach 2.2 zettabytes annually. This represents a seismic shift of enterprise traffic from private networks to the public Internet and makes network security a paramount concern of CIOs embracing SaaS and public and hybrid cloud computing.

“As enterprise workforces and workloads become more distributed and diverse, we are forced to rethink our current network security paradigm,” said Bharath Rangarajan, vice president of product at Pertino. “Traditional network security has been predicated on IT controlling both sides of WAN and everything that connects to them. Pertino’s approach makes no such assumptions and instead integrates security functionality as part of an overlay virtual network.”

Shifting Trends Require Shift in Approach

Despite enterprises spending a record of more than $71 billion worldwide on information security (Gartner) in 2014, security incidents are growing at a 66 percent CAGR according to the 2015 PWC Global Information Security Survey. Common trends in recent high-profile breaches include inadequate authentication, limited segmentation and security policy within the enterprise network—allowing attackers to roam freely once inside—and lack of on-the-wire security. This widening gap between security spending and efficacy signals that traditional security models are falling short of protecting increasingly distributed IT infrastructures.

Pertino developed the security foundation of its Cloud Network Engine platform specifically to deal with the implications of the growing diversity, distribution and transiency of enterprise network endpoints—both physical and virtual. The main pillars are:

●   Abstraction through secure overlays: By abstracting and encrypting traffic from the underlying Internet and public networks, virtual networks become impervious to port scans, packet sniffing and DDoS attacks.

●   Isolation through network virtualization: By combining SDN and network virtualization, Pertino enables enterprises to extend zero-trust networks across the WAN to micro-segment and isolate specific users, devices and workloads into virtual networks of any size. If a device or VM becomes infected or breached, the threat is instantly contained.

●   Trust through multi-layer authentication: Hybrid cloud, automation, BYOD and an increasingly mobile workforce are challenging traditional authentication models. Pertino MLA addresses these challenges by enabling enterprises to deploy or extend a combination of authentication modalities:

o    Overlay Domains: Extend Active Directory domains to devices anywhere to ensure remote users are always authenticating to AD and that group policies and security updates are always up-to-date.

o    Machine API Keys: Auto-generated machine-level API keys that can be included within cloud automation scripts to instantly authenticated VMs and Docker containers to the network at scale.

o    Auto-PKI: PKI-as-a-Service that uses the SDN control plane to automate generation, distribution and administration of secure, elliptic curve keys, providing certificate authentication on every device without configuration or management headaches.

“As enterprise IT extends to include SaaS, public cloud, and even IoT devices, the traditional, network perimeter model of network security no longer makes sense,” said Peter Christy, director of network research at 451 Research. “Network virtualization and the logical segmentation and more flexible and robust authentication it can provide will play critical roles in securing today’s hybrid workloads, distributed workforces and connected devices.”

About Pertino

Pertino is a new way to WAN for the mobile and cloud era—secure, software-defined and delivered as a service. Mobile and cloud technologies are transforming IT, resulting in a hybrid IT model where distributed workforces and workloads are reliant on the Internet. Our Cloud Network Engine platform enables enterprises to build and manage private cloud networks that overlay the public Internet, securely connecting people, devices and resources anywhere. With AppScape, our network services app store, Pertino cloud networks can be extended with enterprise-level visibility, security and control services. This modern approach to networking combines the power and pervasiveness of the cloud with SDN and virtualization technologies to eliminate cost and complexity. Finally, a WAN that is cloud-agile and works the way organizations work today, without hardware, hassles, or high costs. Founded in 2011, Pertino is venture funded by premier firms and headquartered in Los Gatos, Calif. For more information or to try Pertino free for 30-days, please visit pertino.com.


Media Contact:

Megan Grasty

(415) 963-4174 x26

[email protected]

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Current Issue
5 Security Technologies to Watch in 2017
Emerging tools and services promise to make a difference this year. Are they on your company's list?
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.