Endpoint
4/10/2015
12:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Pertino Brings Zero-Trust Networking to the Wide Area Network

Pertino Combines Secure Overlays, Network Virtualization And Multi-Layer Authentication To Address The Network Security Challenges Of Distributed Workforces And Workloads

LOS GATOS, Calif. – April 9, 2015 – Pertino, a company reinventing networking for the mobile and cloud era, today announced an extension of its Cloud Network Engine security foundation that brings zero-trust networking to the WAN and addresses the network security challenges of distributed workforces and workloads within the enterprise. Pertino combines secure overlays, virtualization and new Multi-Layer Authentication (MLA) capabilities to enable enterprises to extend zero-trust networking over the Internet to remote and mobile devices, virtual machines (VMs), Docker containers, and even IP-connected devices like kiosks and industrial controls.

According to Cisco’s 2014 Global Cloud Index, enterprise cloud IP traffic will more than triple from 2013 to 2018 to reach 2.2 zettabytes annually. This represents a seismic shift of enterprise traffic from private networks to the public Internet and makes network security a paramount concern of CIOs embracing SaaS and public and hybrid cloud computing.

“As enterprise workforces and workloads become more distributed and diverse, we are forced to rethink our current network security paradigm,” said Bharath Rangarajan, vice president of product at Pertino. “Traditional network security has been predicated on IT controlling both sides of WAN and everything that connects to them. Pertino’s approach makes no such assumptions and instead integrates security functionality as part of an overlay virtual network.”

Shifting Trends Require Shift in Approach

Despite enterprises spending a record of more than $71 billion worldwide on information security (Gartner) in 2014, security incidents are growing at a 66 percent CAGR according to the 2015 PWC Global Information Security Survey. Common trends in recent high-profile breaches include inadequate authentication, limited segmentation and security policy within the enterprise network—allowing attackers to roam freely once inside—and lack of on-the-wire security. This widening gap between security spending and efficacy signals that traditional security models are falling short of protecting increasingly distributed IT infrastructures.

Pertino developed the security foundation of its Cloud Network Engine platform specifically to deal with the implications of the growing diversity, distribution and transiency of enterprise network endpoints—both physical and virtual. The main pillars are:

●   Abstraction through secure overlays: By abstracting and encrypting traffic from the underlying Internet and public networks, virtual networks become impervious to port scans, packet sniffing and DDoS attacks.

●   Isolation through network virtualization: By combining SDN and network virtualization, Pertino enables enterprises to extend zero-trust networks across the WAN to micro-segment and isolate specific users, devices and workloads into virtual networks of any size. If a device or VM becomes infected or breached, the threat is instantly contained.

●   Trust through multi-layer authentication: Hybrid cloud, automation, BYOD and an increasingly mobile workforce are challenging traditional authentication models. Pertino MLA addresses these challenges by enabling enterprises to deploy or extend a combination of authentication modalities:

o    Overlay Domains: Extend Active Directory domains to devices anywhere to ensure remote users are always authenticating to AD and that group policies and security updates are always up-to-date.

o    Machine API Keys: Auto-generated machine-level API keys that can be included within cloud automation scripts to instantly authenticated VMs and Docker containers to the network at scale.

o    Auto-PKI: PKI-as-a-Service that uses the SDN control plane to automate generation, distribution and administration of secure, elliptic curve keys, providing certificate authentication on every device without configuration or management headaches.

“As enterprise IT extends to include SaaS, public cloud, and even IoT devices, the traditional, network perimeter model of network security no longer makes sense,” said Peter Christy, director of network research at 451 Research. “Network virtualization and the logical segmentation and more flexible and robust authentication it can provide will play critical roles in securing today’s hybrid workloads, distributed workforces and connected devices.”

About Pertino

Pertino is a new way to WAN for the mobile and cloud era—secure, software-defined and delivered as a service. Mobile and cloud technologies are transforming IT, resulting in a hybrid IT model where distributed workforces and workloads are reliant on the Internet. Our Cloud Network Engine platform enables enterprises to build and manage private cloud networks that overlay the public Internet, securely connecting people, devices and resources anywhere. With AppScape, our network services app store, Pertino cloud networks can be extended with enterprise-level visibility, security and control services. This modern approach to networking combines the power and pervasiveness of the cloud with SDN and virtualization technologies to eliminate cost and complexity. Finally, a WAN that is cloud-agile and works the way organizations work today, without hardware, hassles, or high costs. Founded in 2011, Pertino is venture funded by premier firms and headquartered in Los Gatos, Calif. For more information or to try Pertino free for 30-days, please visit pertino.com.

 

Media Contact:

Megan Grasty

(415) 963-4174 x26

[email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.