Cisco Alums Revamp Firewall Solution
Founded by five former Cisco engineers, start-up Rohati Systems just made its entrance onto the network security stage, with the goal of entirely revamping traditional firewall solutions.
Their core competency? High-performance entitlement control for applications. So these are not your mother's traditional firewalls, founders say.
"Rohati is not a perimeter firewall solution," says Rohati CEO Shane Buckley. "And Rohati is not attempting to replace the perimeter threat mitigation devices. We, along with many others, believe that the nature of the network perimeter is being redefined and that traditional approaches are ineffective."
Execs contend that their aim was to fill in the gaps created by firewalls, which are often limited by a lack of depth and relevance of controls. While firewalls do a "pretty good job" of threat mitigation at the network perimeter, they don't always provide a depth of defense that would allow companies to manage and control access and authorization to applications and the network, Buckley said.
And highlighting its debut, the company has launched its first network-based entitlement control solution, Transaction Networking System, designed to limit users' access to applications based on their authentication credentials.
Specifically, the appliance is designed for F500 data center environments -- intended to reside in the data center and close to the applications it protects. It also enables enterprise businesses to authenticate each session and authorize each transaction based on their business policies and security needs.
"The coarse-grained Layer 4 controls that firewalls provide were fine in the 1990s when users were tied to an IP address," said Buckley. "Those days are gone."
Now, companies require both in-house "insiders" and outsourced "outsiders," as well as a diverse array of mobile devices, making it almost impossible to tie an IP address to a specific user, Buckley said.
And partners say that the solution is unique in that it provides Layer 7 ACLs for granular entitlement and enforcement capabilities, with the ability to support new business security and authentication trends by expanding policy controls and allowing businesses to hone access specifically based on users' credentials.
In addition, the TNS platform provides entitlement control on a per-transaction basis across a wide array of applications and resources, including SharePoint.
And partners say that this is not a commoditized market. Tom Shaw, president of Wide Area Management Services, based in Santa Clara, Calif., said that while the device is best suited for an enterprise environment, it is targeted toward any vertical that has "pain in supporting multiple applications."
"A lot of CEOs are deploying SharePoint for compliance reasons to allow secure access with login function," said Shaw. "Companies are making investments in applications. These are their crown jewels. These are the crown jewels of their clients. Yet (execs) are at the mercy of consultants to write them into the application to gain access to them. It could take weeks, and potentially months."
Shaw also said the device's centralized management console, along with its low latency and management, gave him the ability to talk about budget, compliance and other concerns with C-level execs. The TNS device can also be implemented with no changes to the server, users or network -- a feature that partners say provides opportunities to sell upmarket relatively quickly.
"With this device, we're able to talk about securing the applications but can also cross-sell to application acceleration and compliance," said Shaw. "We're not just sticking a faster, better switch out here."