12:00 PM
Dark Reading
Dark Reading
Products and Releases

Pertino Brings Zero-Trust Networking to the Wide Area Network

Pertino Combines Secure Overlays, Network Virtualization And Multi-Layer Authentication To Address The Network Security Challenges Of Distributed Workforces And Workloads

LOS GATOS, Calif. – April 9, 2015 – Pertino, a company reinventing networking for the mobile and cloud era, today announced an extension of its Cloud Network Engine security foundation that brings zero-trust networking to the WAN and addresses the network security challenges of distributed workforces and workloads within the enterprise. Pertino combines secure overlays, virtualization and new Multi-Layer Authentication (MLA) capabilities to enable enterprises to extend zero-trust networking over the Internet to remote and mobile devices, virtual machines (VMs), Docker containers, and even IP-connected devices like kiosks and industrial controls.

According to Cisco’s 2014 Global Cloud Index, enterprise cloud IP traffic will more than triple from 2013 to 2018 to reach 2.2 zettabytes annually. This represents a seismic shift of enterprise traffic from private networks to the public Internet and makes network security a paramount concern of CIOs embracing SaaS and public and hybrid cloud computing.

“As enterprise workforces and workloads become more distributed and diverse, we are forced to rethink our current network security paradigm,” said Bharath Rangarajan, vice president of product at Pertino. “Traditional network security has been predicated on IT controlling both sides of WAN and everything that connects to them. Pertino’s approach makes no such assumptions and instead integrates security functionality as part of an overlay virtual network.”

Shifting Trends Require Shift in Approach

Despite enterprises spending a record of more than $71 billion worldwide on information security (Gartner) in 2014, security incidents are growing at a 66 percent CAGR according to the 2015 PWC Global Information Security Survey. Common trends in recent high-profile breaches include inadequate authentication, limited segmentation and security policy within the enterprise network—allowing attackers to roam freely once inside—and lack of on-the-wire security. This widening gap between security spending and efficacy signals that traditional security models are falling short of protecting increasingly distributed IT infrastructures.

Pertino developed the security foundation of its Cloud Network Engine platform specifically to deal with the implications of the growing diversity, distribution and transiency of enterprise network endpoints—both physical and virtual. The main pillars are:

●   Abstraction through secure overlays: By abstracting and encrypting traffic from the underlying Internet and public networks, virtual networks become impervious to port scans, packet sniffing and DDoS attacks.

●   Isolation through network virtualization: By combining SDN and network virtualization, Pertino enables enterprises to extend zero-trust networks across the WAN to micro-segment and isolate specific users, devices and workloads into virtual networks of any size. If a device or VM becomes infected or breached, the threat is instantly contained.

●   Trust through multi-layer authentication: Hybrid cloud, automation, BYOD and an increasingly mobile workforce are challenging traditional authentication models. Pertino MLA addresses these challenges by enabling enterprises to deploy or extend a combination of authentication modalities:

o    Overlay Domains: Extend Active Directory domains to devices anywhere to ensure remote users are always authenticating to AD and that group policies and security updates are always up-to-date.

o    Machine API Keys: Auto-generated machine-level API keys that can be included within cloud automation scripts to instantly authenticated VMs and Docker containers to the network at scale.

o    Auto-PKI: PKI-as-a-Service that uses the SDN control plane to automate generation, distribution and administration of secure, elliptic curve keys, providing certificate authentication on every device without configuration or management headaches.

“As enterprise IT extends to include SaaS, public cloud, and even IoT devices, the traditional, network perimeter model of network security no longer makes sense,” said Peter Christy, director of network research at 451 Research. “Network virtualization and the logical segmentation and more flexible and robust authentication it can provide will play critical roles in securing today’s hybrid workloads, distributed workforces and connected devices.”

About Pertino

Pertino is a new way to WAN for the mobile and cloud era—secure, software-defined and delivered as a service. Mobile and cloud technologies are transforming IT, resulting in a hybrid IT model where distributed workforces and workloads are reliant on the Internet. Our Cloud Network Engine platform enables enterprises to build and manage private cloud networks that overlay the public Internet, securely connecting people, devices and resources anywhere. With AppScape, our network services app store, Pertino cloud networks can be extended with enterprise-level visibility, security and control services. This modern approach to networking combines the power and pervasiveness of the cloud with SDN and virtualization technologies to eliminate cost and complexity. Finally, a WAN that is cloud-agile and works the way organizations work today, without hardware, hassles, or high costs. Founded in 2011, Pertino is venture funded by premier firms and headquartered in Los Gatos, Calif. For more information or to try Pertino free for 30-days, please visit pertino.com.


Media Contact:

Megan Grasty

(415) 963-4174 x26

[email protected]

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Securing Social Media: National Safety, Privacy Concerns
Kelly Sheridan, Staff Editor, Dark Reading,  4/19/2018
Firms More Likely to Tempt Security Pros With Big Salaries than Invest in Training
Sara Peters, Senior Editor at Dark Reading,  4/19/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
[Strategic Security Report] How Enterprises Are Attacking the IT Security Problem
Enterprises are spending more of their IT budgets on cybersecurity technology. How do your organization's security plans and strategies compare to what others are doing? Here's an in-depth look.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.