New Ponemon Study: Enterprises Eliminating Legacy Firewalls Due to High Costs and Inability to Stop Cyberattacks

60% of Respondents Believe Firewalls are Ineffective in Stopping Cyberattacks Against Applications, Data Centers, and Data in the Cloud; Lack of Flexibility Hinders Digital Transformation Initiatives

Boston, Mass. and Tel Aviv, Israel – October 27, 2020 – According to a new report, more than 60% of organizations believe that legacy firewalls are ineffective in preventing damaging cyberattacks against applications, data centers, and data in the cloud. As a result, 53% of survey respondents are actively looking to replace legacy firewalls with modern security solutions that are more cost effective, provide greater flexibility and can match the speed and agility digital transformation requires.

The “Rethink Firewalls: Security and Agility for the Modern Enterprise” report, conducted by Ponemon on behalf of Guardicore, surveyed more than 600 security professionals in the U.S. to gain insight into how legacy firewalls are used in the modern enterprise. Digital transformation and the rapid adoption of cloud infrastructure have pushed the boundaries of traditional network security tools. The report demonstrates how legacy security technologies – such as network and ‘next-gen’ firewalls – hinder agility and fail to secure data and applications across data centers and cloud environments.

“The findings of the report reflect what many CISOs and security professionals already know – digital transformation has rendered the legacy firewall obsolete,” said Pavel Gurvich, co-founder and CEO, Guardicore. “As organizations adopt cloud, IoT, and DevOps to become more agile, antiquated network security solutions are not only ineffective at stopping attacks on these properties, but actually hinder the desired flexibility and speed they are hoping to attain.”

Rethink Firewalls – Key Study Takeaways

  • Legacy Firewalls are Failing to Enable Zero Trust: Zero Trust has emerged as an effective framework to help modern organizations protect cloud infrastructure, distributed workforces and applications. According to the report, while 49% of respondents have implemented a Zero Trust model of security to some extent, 63% believe their organizations’ legacy firewalls are failing to enable Zero Trust across the enterprise.
  • Firewalls Fail to Stop Attacks, Leave Organizations Vulnerable: Legacy security technologies fail to minimize the attack surface and increasingly leave organizations vulnerable to cyberattacks. 61% of respondents say their organizations’ firewalls could not contain a breach of its data center perimeter, while 64% believe that legacy firewalls are ineffective against modern attacks like ransomware.
  • Legacy Firewalls Hinder Agility, Cost Too Much to Maintain: Organizations increasingly believe that firewalls are damaging to digital transformation, lacking the flexibility and speed required for modern environments. Fifty-seven percent of respondents indicate it can take from three weeks to more than a month to change firewall rules to accommodate an update or new application. This is driving firewall attrition, with more than 53% of organizations moving away from firewalls due to costs and complexity.

“The findings of the report show the number one concern of firewall buyers is whether they can actually get next-gen firewalls to work in their environments. As organizations move into the cloud, legacy firewalls do not have the scalability, flexibility or reliability to secure these environments, driving up costs while failing to reduce the attack surface,” said Dr. Larry Ponemon, Chairman and Founder, Ponemon Institute. “As a result, organizations are reaching the conclusion that firewalls are simply not worth the time and effort and they’re actually negatively impacting digital transformation initiatives. This is driving a move toward modern security solutions like micro-segmentation, that can more effectively enforce security at the edge.”

On Oct. 27th at 1 p.m. ET, Guardicore will be hosting a webinar with Guardicore customer David Stennett, Sr. Infrastructure Engineer, The Honey Baked Ham Company, and Larry Ponemon, Ph.D, Chairman and Founder, Ponemon Institute, to discuss the findings and strategies for how organizations can replace legacy firewalls with modern security solutions like micro-segmentation for greater flexibility, control and security of data centers, applications and cloud environments.

About Guardicore
Guardicore is the segmentation company disrupting the legacy firewall market. Our software-only approach is decoupled from the physical network, providing a faster alternative to firewalls. Built for the agile enterprise, Guardicore offers greater security and visibility in the cloud, data-center and endpoint. For more information, please visit or go to Twitter or LinkedIn.

Can you reduce your attack surface to zero?

As network changes take place faster and faster, attack surfaces grow at a corresponding pace, increasing business vulnerability.

It’s critical to:

  • Articulate the risks brought on by a large attack surface.
  • Visualize how radically software-based segmentation can reduce your attack surface.
  • Quantify the risk reduction so others across the business can understand the value of taking action.

But can you reduce your attack surface to zero? And what exactly are we talking about here when we reference the attack surface?

What is an application attack surface?

An application’s attack surface is the set of unrestricted communication paths between endpoints in the network and the open ports on the servers of the application under review. The bigger the attack surface, the more vulnerable your environment is. For example, a successful ransomware attack starts with an attacker leveraging the ability to (a) penetrate the network through non-monitored communication paths¹ and (b) move laterally, targeting critical data or highly privileged services and propagating ransomware across entire networks, before encrypting all they can (including your backups).

Reducing the attack surface by exposing only needed services/ports to the smallest group of clients is essential to stopping this type of attack from penetrating your network. A well micro-segmented network will prevent the attackers from moving laterally within the network, gaining growing control over more assets. Unfortunately, this is just one possible attack vector – there are others.

So, can you reduce your attack surface to zero?

Given all the issues that can be brought on by having a broad attack surface, it seems like the answer would be to shut the attack surface down.

Unfortunately, you can’t really reduce your attack surface to zero – unless you can:

  • Disconnect all communication paths between the internet and all of the servers in your network (including IoT devices).
  • Prevent anyone with access to your organization’s IT infrastructure (including network systems, laptops, virtual environments, databases, business applications, etc.) from uploading, downloading, opening emails, clicking on links, connecting their own devices, or making any changes to set configurations.
  • Hire only people who make zero mistakes, 100% of the time.

Assuming connectivity with the outside world is required and human errors are here to stay, how can you realistically protect your critical applications to ensure business continuity and growth? The answer is to reduce the attack surface to a minimum using software-based segmentation. Make sure the only open communication paths between an application’s servers/processes and other applications, users, or internet sources are allowed and monitored by your set policy.
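The definition above can be made concrete with netstat-style connection listings. The following is an added example, not Guardicore's code or report logic; the sample rows, IP addresses, endpoint inventory and function names are constructed for illustration. It compares every path open in a flat network with the paths actually observed and derives a per-port allowlist.

```python
"""Added example: size an application's attack surface from netstat-type data."""
from collections import defaultdict

# Constructed sample: `netstat -tan`-style rows collected on each application server.
NETSTAT = {
    "10.0.1.10": """\
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 10.0.1.10:443 10.0.9.5:51514 ESTABLISHED
tcp 0 0 10.0.1.10:443 10.0.9.6:40022 ESTABLISHED
tcp 0 0 10.0.1.10:38110 10.0.1.20:5432 ESTABLISHED
""",
    "10.0.1.20": """\
tcp 0 0 0.0.0.0:5432 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 10.0.1.20:5432 10.0.1.10:38110 ESTABLISHED
""",
}

# Constructed inventory: every endpoint that can reach the servers in a flat network.
ENDPOINTS = ["10.0.1.10", "10.0.1.20", "10.0.9.5", "10.0.9.6", "10.0.9.7", "10.0.9.8"]


def _port(addr):
    """Port number from an 'address:port' field."""
    return int(addr.rsplit(":", 1)[1])


def parse_netstat(server, text):
    """Return (listening ports, inbound (client, server, port) paths) for one server."""
    rows = [r for r in (line.split() for line in text.splitlines())
            if len(r) == 6 and r[0].startswith("tcp")]
    listening = {_port(local) for _, _, _, local, _, state in rows if state == "LISTEN"}
    inbound = set()
    for _, _, _, local, remote, state in rows:
        # Only connections terminating on a listening port are inbound; a high
        # local port means this server is acting as a client of another service.
        if state == "ESTABLISHED" and _port(local) in listening:
            client = remote.rsplit(":", 1)[0]
            if client != server:
                inbound.add((client, server, _port(local)))
    return listening, inbound


def analyse(netstat, endpoints):
    """Compare the flat-network attack surface with the observed, needed paths."""
    listeners, needed = {}, set()
    for server, text in netstat.items():
        listeners[server], inbound = parse_netstat(server, text)
        needed |= inbound
    # Clients seen in traffic count as endpoints even if the inventory missed them.
    clients = set(endpoints) | {c for c, _, _ in needed}
    # Flat network: every endpoint can reach every open port on every server.
    flat = {(c, s, p) for s, ports in listeners.items() for p in ports
            for c in clients if c != s}
    # Segmented network: each open port admits only the clients observed using it.
    policy = defaultdict(set)
    for client, server, port in needed:
        policy[(server, port)].add(client)
    unobserved = sorted((s, p) for s, ports in listeners.items() for p in ports
                        if (s, p) not in policy)
    reduction = 100 * (len(flat) - len(needed)) / len(flat) if flat else 0.0
    return {
        "flat_paths": len(flat),
        "allowed_paths": len(needed),
        "reduction_pct": round(reduction, 1),
        "policy": dict(policy),
        "unobserved_listeners": unobserved,
    }


if __name__ == "__main__":
    report = analyse(NETSTAT, ENDPOINTS)
    print(f"flat network paths : {report['flat_paths']}")
    print(f"paths after policy : {report['allowed_paths']}")
    print(f"reduction          : {report['reduction_pct']}%")
    for (server, port), allowed in sorted(report["policy"].items()):
        print(f"allow {sorted(allowed)} -> {server}:{port}")
    for server, port in report["unobserved_listeners"]:
        print(f"review: no client observed on {server}:{port}")
```

A listener with no observed client is a candidate for review rather than automatic closure, since a short collection window can miss legitimate but infrequent traffic such as administrative access.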

How do I prove the value of attack surface reduction to management?

Even if you know the benefits of using software-based segmentation to reduce your attack surface, demonstrating the risk reduction value of segmentation to management can be a challenge. That’s where Guardicore’s Risk Reduction Assessment Report comes in.

The report enables security teams to visualize and understand their applications’ attack surface by seeing which other assets can communicate with the application’s servers. The report then provides a view of what the attack surface looks like once unnecessary communication paths are closed and the attack surface has been minimized.

The personalized report is based on a zero-impact process that enables Guardicore to analyze your own applications. There is no required software installation and we are at no point connected to your environment. The report is based on netstat-type data we receive from the organization we work with on the report. The business requesting the report chooses which application and servers to collect data from.

There are a few ways to collect the data for us:

  • Open-source data collector script
  • A Netflow file
  • A PCAP file containing packet network data
  • Guardicore agents (as part of a PoC process)

The result is a document that visually demonstrates:

  • The way software-based segmentation reduces the risks of a flat network.
  • The quantified value of segmentation in your own business environment.
  • The logic behind the generation of the graphs and numbers in the report.

How do I get a personalized report analyzing my business applications’ risk reduction potential?

Ready to try the Risk Reduction Assessment Report out for yourself? Sign up today to find out how much you can reduce your attack surface using Guardicore’s software-based segmentation solution.

How does Guardicore Centra help reduce the accessibility of the attack surface?

Guardicore Centra’s software-based segmentation enables enterprises to reap the benefits of risk reduction while supporting agile DevOps and rapid application deployment. The solution delivers optimal security at a faster speed with greater security efficacy.

Guardicore’s micro-segmentation is performed at the workload level rather than at the infrastructure level. Therefore, it can be implemented consistently throughout a hybrid cloud infrastructure and it adapts seamlessly as environments change or workloads relocate.

Micro-segmentation lets security teams create granular policies that segment applications from one another and/or segment tiers within an application. As a result, companies can accomplish such goals as:

  • Slow or block attackers’ efforts to move laterally.
  • Create a security boundary around assets with compliance or regulatory requirements.
  • Enforce corporate security policies and best practices throughout the infrastructure.
  • Apply Zero Trust principles throughout the infrastructure, even as the business extends from the data center to one or more cloud platforms.

This focus on preventing lateral movement through in-depth governance of applications and flows reduces the available attack surface even as IT infrastructure grows and diversifies.

What can I do to kickstart my program?

Now that you understand the importance of reducing the accessibility of the attack surface, here are a few things you can do to get started:

  1. Read more about attack surface reduction: Download the paper about how to demonstrate the importance of minimizing the attack surface.
  2. Get the attack surface reduction report: Sign up for your personalized report today.
  3. Receive a Guardicore demo: See how Guardicore’s software-based segmentation solution, Guardicore Centra, can help you today.

¹ For example, by using weak points such as internet-facing servers and remote-desktop logins, or people unintentionally downloading malicious payloads.

Guardicore Named One of 2020 Best Small and Medium Workplaces by Great Place to Work™ and FORTUNE

BOSTON and TEL AVIV, Israel, October 16, 2020 – Guardicore, the segmentation company disrupting the legacy firewall market, today announced it was named one of the 2020 Best Small and Medium Workplaces by Great Place to Work™ and FORTUNE. The ranking is based on confidential survey feedback representing more than 189,000 employees working at small- and medium-sized businesses in the United States.

“At Guardicore, we pride ourselves on being a global team of innovators passionate about security, and hungry to make an impact,” said Pavel Gurvich, Co-Founder and CEO, Guardicore. “We’re changing the way organizations protect their data centers and clouds from advanced threats – and that starts with our people. Our culture is full of innovation, creativity and agility — and we are thrilled to be recognized on this year’s Best Workplaces list by Great Place to Work™ and FORTUNE.”

Guardicore is a segmentation company that provides its customers with a faster, more cost-effective alternative to traditional firewalls. The company has 5.0 star reviews on Glassdoor, due to its open and transparent communication style, opportunities for career growth, and competitive salaries. Some company perks include a robust benefits package, annual company kick-offs for all employees, and a dog-friendly work environment – all of which lead to the company’s high retention rates.

“Best Workplaces like Guardicore have built dynamic, flexible, and transparent workplaces founded on trust,” said Michael C. Bush, CEO of Great Place to Work. “This gives companies on this list a powerful opportunity not just to do well for their people, but also to do well for their businesses.”

Great Place to Work, a global people analytics and company culture research firm, evaluated more than 60 elements of team members’ experience on the job. These included the extent to which employees trust leaders, the respect with which people are treated, the fairness of workplace decisions, and how much camaraderie there is among the team.  

The Best Small Workplaces and Best Medium Workplaces lists are part of a series of rankings by Great Place to Work and FORTUNE based on employee feedback from Great Place to Work-Certified™ organizations. 

About the Best Small & Medium Workplaces
To determine the 2020 Best Small Workplaces list and the 2020 Best Medium Workplaces list, Great Place to Work® gathered and analyzed confidential survey feedback representing more than 189,000 employees working in small- and medium-sized businesses in the United States.  Employees responded to over 60 survey questions describing the extent to which their organization creates a great place to work For All™. 

Eighty-five percent of the evaluation is based on what employees say about their experiences of trust and reaching their full human potential as part of their organization, no matter who they are or what they do. Great Place to Work analyzes these experiences relative to each organization’s size, workforce make up, and what’s typical relative to their peers in the industry.  

The remaining 15 percent of the rank is based on assessing how consistent employees’ daily experiences of innovation, the company’s values, and their leaders’ effectiveness are.

To learn more about Great Place to Work-Certification and recognition on Best Workplaces lists published with Fortune, visit

About Great Place to Work
Great Place to Work® is the global authority on workplace culture. They help organizations quantify their culture and produce better business results by creating a high-trust work experience for all employees. Emprising®, their culture management platform, empowers leaders with the surveys, real-time reporting, and insights they need to make data-driven people decisions. They recognize Great Place to Work-Certified companies and the Best Workplaces in the U.S. and more than 60 countries, including the 100 Best Companies to Work For® list published annually in Fortune.

Learn more at and join the community on LinkedIn, Twitter, and Instagram.

Media Contact:
Maryellen Sartori

Guardicore Supports The New Data Center Architecture with NVIDIA BlueField-2 DPUs

We saw the early signs about two years ago: while everyone was talking about cloud migration and moving faster to the cloud, there were enterprises that increased their investments in the on-premises data center, and they continue to do so even in this current era.

Since the COVID-19 pandemic first entered our lives and working from home went from a tentative reality to a necessity, organizations have been moving to the cloud faster, but there are still a lot of applications and workloads that must remain on premises. We write a lot about critical applications that still run on legacy Unix, old Windows operating systems, ancient Linux and other veteran operating systems and cannot be migrated to the cloud. Many may have assumed that enterprises would soon manage to migrate all workloads to the cloud, but that is not the case.

As enterprises are embracing new technologies and cloud computing microservices architectures, there’s a shift inside the data center. Not every application can be migrated, and some applications explicitly should not be moved to the cloud. Some of the reasons are clear: there’s more need for speed, higher throughput, and lower latency. Some aspects are less visible: like how containers and container operating systems are installed and deployed, and overall cost of running highly complicated applications in the cloud. As an example, there are a growing number of instances of Kubernetes being deployed on bare-metal servers due to better performance and lower latency and reliance on hardware accelerators.

Coupled with growing requirements for AI and other machine learning algorithms, these developments are leading to faster adoption of new hardware and software infrastructure such as NVIDIA GPU-accelerated computing at the edge, faster connectivity, bigger pipes and, overall, faster, simpler and more agile computing.

The modern application runs inside the data center and within the edge. It has extensions to the cloud and must operate as a well-defined single unit under new architecture.

While networking architects were busy redesigning the data center, the security architects realized that the firewall as we know it is no longer adequate to protect the modern data center, and new technologies are necessary to enable the required level of security and risk mitigation. There are many limitations that prevent traditional firewalls and even newer firewall-as-a-service solutions from addressing their needs.

First and most obvious, firewalls can protect only the traffic that they can inspect. This means mostly North-South traffic. Now, imagine that you have hundreds or more servers running at 10, 40, 100 and even 200 Gbps. How can your firewall support that amount of traffic? A top-of-rack (ToR) architecture that steers and redirects traffic is not relevant for this new design and can’t be used. Moreover, the existing policy management paradigms built for static designs are not suitable for this new architecture, which supports a dynamic and fast-changing application environment.

There are many other limitations, each of which frankly deserves a blog of its own. But in the interim, we all should accept the fact that some aspects of the firewall market and some of its current deployment scenarios are about to change dramatically. The winds of change have begun to blow.

In contrast, software-defined segmentation allows companies to apply workload and process-level security controls to data center and cloud assets that have an explicit business purpose for communicating with each other. It is extremely effective at detecting and blocking lateral movement in data center, cloud, and hybrid-cloud environments.

And then DPUs and SmartNICs were invented.

Data processing units (or DPUs) are changing how and where data center security is performed. DPU-based SmartNICs fuel the new architectural redesign. It started with hyperscalers, large service providers and tier-1 cloud service providers (CSPs) that discovered the benefits of having a managed device that can free up expensive CPU cycles. They all like how SmartNICs provide added-value services beyond core networking functionality. As a reminder, here are some of their capabilities:

  • Offloading network functions
  • Providing security-related processing
  • TCP offloading to dedicated engines that free up CPU cores
  • Improving networking performance
  • Providing cryptography capabilities like faster encryption

And there are even more security services, like workload isolation, secure boot and protecting customers’ workloads from other tenants.

Partnering with NVIDIA, Guardicore pioneered the concept of using SmartNICs for micro-segmentation to enable the best of both worlds: accelerating performance and functionality while providing secure segmentation capabilities for the new data center.

Using Guardicore with NVIDIA BlueField-2 DPU will allow enterprise customers to embrace the new and cover the old with software-defined segmentation for hardware, providing a faster, more granular way for enterprises to protect their critical assets. Projects that in the past may have spanned many years can now be done in a matter of a few weeks with this new approach, quickly reducing risk and validating compliance.

Guardicore is working with NVIDIA to provide a solution that, just like your DevOps practices, is decoupled from any particular infrastructure, and is both automatable and auto-scalable. On top of this, it provides equal visibility and control across the board in a granular way, so that speed and innovation can thrive, with security an equal partner in the triangle of success.

We are also working with NVIDIA on new BlueField-2 DPU integrations to support the new data center architecture. With this integration, we enable enterprise customers to accelerate their applications, innovate faster and deliver competitive solutions to the market.

NSPM and Simplified Security and Governance for Hybrid Clouds – What does the Guardicore and AlgoSec Integration Mean for You?

Getting the most out of your network firewalls has never been a simple task for enterprise environments. As organizations increasingly move to the cloud and operations become more dynamic and complex, the requirements, and the stakes, are rising.

Over the years, I’ve seen improper management of firewalls open organizations up to various types of risk as a result of employee error and oversight. This can have varying consequences, from large-scale data breaches, to fines and penalties due to non-compliance. What do Network Security Policy Management (NSPM) vendors do to help, and is this technology enough on its own?

Why do Companies Need Network Security Policy Management (NSPM)?

Inconsistent or inaccurate firewall policies impact the functionality of business applications, cause compliance gaps, and make an organization vulnerable to cyber attacks.

In response to these fears, Network Security Policy Management companies such as AlgoSec, one of the early pioneers of this category, were born. I have had many chances to work with AlgoSec and their team over the last 15 years and it is amazing to see how the product, and actually the market that they have created, is adapting as the IT landscape changes. More recently however, the rise in internal traffic moving East-West inside the data center has created a need for something more. Let’s look at what this means in practice.

Amplifying Firewall Complexity in the Hybrid Cloud, Data Center and Edge

When implemented well, NSPM provides visibility over complex traffic and communication, adds sophisticated automation capabilities for network firewall policies that are spread over multiple devices or locations, and eases compliance with various regulatory requirements for specific industry needs. Tight governance over your perimeter firewall works to keep North-South attacks that move in and out of the data center at bay. But when it comes to a hybrid data center, traditional perimeter firewalls do nothing to address this risk.

In a hybrid cloud data center, visibility and control become more of a struggle than ever. Some of the reasons why include:

  • Different environments to consider, from on-premises to public or private clouds, each with evolving requirements.
  • The majority of traffic moving East-West, because of third-party vendors, employee devices, and increased exposure via the public cloud.
  • DevOps teams pushing for faster innovation and the deployment of new features via rapid application development.

The more complexity, the more risk, so the hybrid cloud ecosystem needs to be secure from the earliest possible stages.

Dedicated micro-segmentation solutions like Guardicore have risen to this challenge. With a smart segmentation solution, your organization can create access policies inside hybrid enterprise environments that leverage a zero-trust model. Enterprises tend to start with projects that bring quick time to value, such as ring fencing critical applications that hold the most sensitive data or systems.

As a smart, software-based segmentation vendor, we provide new and essential firewall capabilities, dynamic and flexible enough to meet any use case or scale. Of course, the perimeter firewall is still necessary, and needs concurrent and tight governance and control. Therefore, the best segmentation solutions that address hybrid cloud complexity will integrate seamlessly with best-of-breed NSPM solutions.

Simplifying Complexity with a Two-step Integration

According to Gartner, “Despite there being multiple network security vendors with centralized managers, network security teams are struggling to manage these multiple and multi-vendor policies and to have complete visibility across different environments. Maintaining continuous compliance is becoming a bigger challenge.”

A challenge that, here at Guardicore, we’re happy to meet. Guardicore Centra integrates easily with AlgoSec to make it simpler to manage governance and firewall rulesets across a hybrid enterprise environment. Guardicore customers can continue to use their existing perimeter firewalls for North-South traffic alongside Centra’s precise labeling and segmentation policies for managing and controlling all communications that move East-West.

The AlgoSec Policy Exporter integration with Guardicore can be used to export all labels and files from Guardicore Centra, converting them into two easy to manage CSV files, one for endpoint machines and another for rules. The security team now has these policies and labeling rules to forward to any other managed devices within the data center, consolidating existing policies and governance. This integration also provides your enterprise with full visibility of dynamic policies across the data center, even in hybrid environments.

No Firewall Left Behind: Adding Visibility and Control Across a Hybrid Ecosystem

Internal firewall management and control are essential in today’s hybrid cloud data centers, but they don’t negate the need for existing traditional perimeter firewalls. Managing this complex arrangement are NSPM industry leaders such as AlgoSec that can seamlessly visualize, automate and organize policies from multiple firewall vendors across the data center.

By using AlgoSec with Guardicore Centra, our customers have access to the simplest and strongest segmentation choice when managing East-West traffic without adding complexity to firewall management overall.

Want to learn more about segmenting East-West traffic for your hybrid cloud data center?

Download the White Paper here

How to Prove the Savings of Software-Based Segmentation vs Legacy Firewalls

Many companies have discovered to their dismay that using firewalls to segment their networks is a complex, ineffective, and expensive process – especially when it comes to a hybrid cloud environment. In addition to the burdensome upfront cost of firewalls and hardware, there are the heavy downstream costs of project management, labor, maintenance, and prolonged asset exposure due to lengthy implementation times.

Guardicore Centra’s software-based segmentation enables enterprises to avoid those issues. Instead, organizations can reap the benefits of agile DevOps, rapid application deployment, and the cloud, delivering optimal security at a far lower total cost of ownership than traditional methods. Yet how can you prove the savings of software-based segmentation – before you make the switch?

Evaluating the full cost of technology and people is essential when making important, effective decisions. This is particularly true with impactful projects like segmentation, which have long-lasting impact. That’s why we developed the Guardicore Firewall Cost Savings Calculator. The calculator lets you compare legacy firewall segmentation with software-based segmentation and gain a comprehensive understanding of where the time and cost savings come from, using data that’s relevant to your own environment.

Why is segmentation so hard with legacy firewalls?

Let’s take a moment to understand why segmentation is difficult and pricey with traditional firewalls. Among the reasons for the high costs and challenges are the facts that:

  • There is little visibility with traditional firewalls. As a result, segment boundary identification can take many months.
  • Segmentation with legacy firewall appliances requires network changes (VLANs) and application changes that involve tremendous effort and costly downtime.
  • Applications are dynamic and change fast, and traditional firewalls simply do not have the flexibility to accommodate those kinds of agile changes.

Luckily, software-based segmentation provides a significantly more cost-effective and efficient alternative.

HoneyBaked Ham simplifies segmentation and controls access to critical applications

With Guardicore Centra, the HoneyBaked Ham company:
– Reduced upfront costs by 50%
– Secured 45 applications in six weeks
– Reduced total project cost by 85%

Guardicore makes segmentation more efficient

Guardicore’s software-based segmentation solution is independent of the underlying infrastructure. It allows simple policy management with a single pane of glass, without relying on cumbersome network appliances.

Guardicore empowers customers to accelerate segmentation projects with:

  • Full visibility for fast segment identification
  • One solution across hybrid environments
  • No networking or application changes required
  • No application downtime required
  • Smooth integration into DevOps lifecycle with REST API

Wondering how that translates into hard data? That’s where the Firewall Cost Savings Calculator comes into play.

The Guardicore Firewall Cost Savings Calculator

The Guardicore Firewall Cost Savings Calculator was developed to quickly and easily demonstrate the extent of the savings businesses can get from using Guardicore’s software-based segmentation compared with a legacy firewall solution.

To use it, all you need to do is answer four simple questions:

  • How many unique segments are required in your environment?
  • On average, how many physical servers or virtual machines will be included in each segment?
  • To how many different locations do you expect to deploy your application?
  • Who is your firewall vendor?

Once the fields for these questions have been filled out, the calculator will automatically display the resulting savings. For a detailed breakdown of how the results were calculated, you can also read the white paper or, for a more personalized breakdown of savings you can gain in your business’ unique environment, request an individual analysis.

As one customer discovered:

“With Guardicore, we were not only able to secure 45 applications without interruption in just six weeks, we also got a more agile, cost-effective, and secure solution than our legacy firewall provider.”

~ David E. Stennett, Sr. Infrastructure Engineer, the HoneyBaked Ham Company

With Guardicore Centra, segmentation takes a mere 16 days, as opposed to 14-22 weeks with legacy firewalls.

See the savings from software-based segmentation

Ready to be amazed? Try the Guardicore Firewall Cost Savings Calculator for yourself and discover the time and cost savings your company could be getting by switching from traditional firewalls to software-based segmentation.

Guardicore is AWS Outposts Service-ready, Supporting our Customers that are Moving Closer to The Edge with Hybrid Cloud Environments

Several months ago we announced our plans to support AWS Outposts. Guardicore’s VP Business Development Sharon Besser wrote, “I am excited to share the news that we will support AWS outposts just like any other part of the hybrid cloud. Together with AWS and their hardware partners we are looking forward to expanding the Guardicore ecosystem to additional areas of the ever-expanding cloud, securing customers wherever they might be.”


Well, we always keep our promises, and I’m excited to be able to update you about our progress on a whole new frontier and beyond: the edge. Guardicore was among the first vendors to achieve the AWS Outposts service ready partner status, following the tests and certification process performed by the AWS Outposts team. We are now fully enabled and ready to secure our customers’ journey to the new hybrid cloud, including even more environments.

Great! What Can I Use AWS Outposts for?

AWS Outposts is a fully managed service that extends AWS infrastructure, services, APIs, and tools to customer premises. By providing local access to AWS managed infrastructure, AWS Outposts enables customers to build and run applications effectively as an on-premise data center using the same programming interfaces as in AWS Regions, while using local compute and storage resources. This supports applications that require lower latency and have local data processing needs.
The result? Near real-time responses to end-user applications, and the ability to communicate with other on-premises systems, such as controlling on-site equipment. Enterprises can also now securely manage data on-premises in places without an AWS region, and process data locally where utilizing the cloud would be inefficient or use unnecessary resources. AWS Outposts is another environment some of the most sophisticated customers are adopting, raising a need for increased coverage from a solution that addresses hybrid cloud security.

Here are 4 Industries that can Benefit from AWS Outposts

  • Healthcare: Hospitals are often in places where connectivity is at a premium. With AWS Outposts, workloads that handle real-time patient diagnosis or medical imaging can be run on-premises, offering the quickest possible response time.
  • Manufacturing: Automated operations on factory floors can be managed on-premises via Outpost environments, helping manufacturers to streamline processes, improve productivity and benefit from innovation such as IIoT and data analytics to power real-time decision making.
  • Media: The incredibly fast response time that organizations can achieve when using AWS Outposts makes it perfect for media streaming and processing companies, where users expect perfect performance without buffering or delay.
  • Telecommunications: Moving storage and compute resources closer to the end user and their devices at the edge is what will power software-defined networking and network virtualization for mobile networks. In turn, this will allow them to take advantage of the new 5G economy, and the world of IoT.

What Changes for Enterprise Security?

In the AWS Outposts model, a full appliance comprising both hardware and software is delivered to the customer. AWS takes responsibility for supporting and maintaining the hardware and software, and the customer provides the physical facility in which the system is hosted. Otherwise, AWS effectively runs the appliance as an extension of its central cloud service. By its very design, this setup may cause security challenges for some customers.

Just like AWS Regions, Outposts fall under the AWS “Shared Security Responsibility Model”. Even though they are deployed on-premises, AWS is responsible for the hardware, and the customer is responsible for applications, data and operational security. Despite the servers being on-premises, only AWS has access to them, and AWS makes the scheduling decisions for patching, updates, and version upgrades.

One important element to consider is compliance. Security certifications like SOC2 will not automatically apply on-premises as they would in the cloud. Customers must work with AWS and, potentially, with other auditors to certify their deployments.

Securing AWS Outposts involves using the same levels of visibility and control that we bring to any existing hybrid cloud ecosystem, expanded to cover this new environment. “We know the importance of helping customers and organizations more easily identify potential security risks in order to take action,” said Joshua Burgin, General Manager, AWS Outposts, Amazon Web Services, Inc. “With Guardicore Centra Security Platform available to customers on AWS Outposts, we are able to provide a comprehensive view of (a customer’s) security posture on their infrastructure, on AWS Outposts, and in AWS Regions both on-premises and in the cloud for a truly consistent hybrid experience.”

Read more about our partnership in our press release here.

Securing the New Hybrid Cloud

The fact that Guardicore has a certified solution and is a service ready provider for Outposts is no small announcement for us. We can already see how AWS Outposts is the beginning of a new type of hybrid cloud, one which leverages on-premises systems to take customers closer to the edge, providing faster speeds and better performance and security for end-users. Think about new service models from AWS like Wavelength or Local Zones, that are already building on the Outposts technology.
By ensuring that we are first out of the gate with the service-ready certification and prepared to help secure the variety of modern hybrid cloud environments that include AWS Outposts, we are sending a message to our customers. We’re secure across your entire hybrid ecosystem, and we’re ready for whatever is coming next.

Looking to learn more about protecting your workloads across a hybrid enterprise environment? Check out our white paper.


Guardicore Achieves AWS Outposts Ready Designation

Boston, Mass. and Tel Aviv, Israel – September 15, 2020 – Guardicore, the segmentation company disrupting the legacy firewall market, announced today that it has achieved the AWS Outposts Ready designation, part of the Amazon Web Services (AWS) Service Ready Program. This designation recognizes that the Guardicore Centra segmentation platform has demonstrated successful integration with AWS Outposts deployments. AWS Outposts is a fully managed service that extends AWS infrastructure, AWS services, APIs, and tools to virtually any datacenter, co-location space, or on-premises facility for a truly consistent hybrid experience.

Achieving the AWS Outposts Ready designation differentiates Guardicore as an AWS Partner Network (APN) member with a product fully tested and certified on AWS Outposts. AWS Outposts Ready products are generally available and supported for AWS customers, with clear deployment documentation for AWS Outposts. AWS Service Ready Partners have demonstrated success building products integrated with AWS services, helping AWS customers evaluate and use their technology productively, at scale and varying levels of complexity.

“We know the importance of helping customers and organizations more easily identify potential security risks in order to take action,” said Joshua Burgin, General Manager, AWS Outposts, Amazon Web Services, Inc. “With Guardicore Centra available to customers on AWS Outposts, we are able to provide a comprehensive view of (a customer’s) security posture on their infrastructure, on AWS Outposts, and in AWS Regions both on-premises and in the cloud for a truly consistent hybrid experience.”

“Guardicore is proud to be an early adopter of AWS Outposts and achieve AWS Service Ready status,” said Sharon Besser, VP, Business Development, Guardicore. “We are continually evolving the Guardicore Centra platform to secure modern cloud and hybrid environments, allowing companies to reduce the attack surface and protect critical applications wherever they may be. AWS is at the cutting edge in expanding its cloud and compute services to a variety of customer environments and we look forward to supporting AWS Outposts.”

To support the seamless integration and deployment of AWS Outposts ready solutions, AWS established the AWS Outposts Ready Program to help customers identify products integrated with AWS Outposts and spend less time evaluating new tools, and more time scaling their use of products that are integrated with AWS Outposts deployments.

Guardicore delivers segmentation in the simplest and most effective way. The company’s segmentation controls are applied at the workload level, preventing east-west attacks and enforcing zero-trust security across all critical assets and applications. Achieving AWS Outposts Ready designation ensures Guardicore customers will receive superior visibility and workload protection whether they are operating on-premises, in the public cloud or at the edge.

“Visibility, to me, means being able to see the traffic patterns, the communication flow between the systems, and knowing what’s going on in the cloud,” said Scott T. Nichols, Director of Global Product Privacy and Cybersecurity, Beckman Coulter. “That’s really what I saw as the strength in Guardicore Centra.”

About Guardicore
Guardicore is the segmentation company disrupting the legacy firewall market. Our software-only approach is decoupled from the physical network, providing a faster alternative to firewalls. Built for the agile enterprise, Guardicore offers greater security and visibility in the cloud, data-center and endpoint. For more information, please visit or go to Twitter or LinkedIn.

Securing VDI with Micro-segmentation for the Education Sector: A Classroom in the Cloud

I have 4 kids, and 3 are still school age. Like everyone else, they are now spending most of their time online, including their school time. Naturally, the following topic is close to my heart.

Schools and educational institutions offer an ‘X marks the spot’ for hackers looking to leverage sensitive and personally identifiable information (PII). For extended periods of time during a student’s progress from K-12, schools will store and manage varied information for both minors and their guardians, that includes addresses, healthcare records, aptitude assessments, payment information, and social security numbers.

A number of issues make security even more complex for stakeholders in school districts. They work across multiple campuses, have large and complex IT networks, often depend on legacy systems to store and manage critical data, and experience regular turnover of both students and staff.

In 2013, Lahiri, M. & Moseley, J.L. published a research paper, called “Migrating educational data and services to cloud computing”. Inside, they listed the different challenges for educational institutions that were migrating to the cloud. Out of the five challenges (control, performance, security, privacy and reliability), the security challenge is yet to be solved effectively by either the cloud providers or the educational systems.

Whether school districts are moving to the cloud to modernize their environments, or to address the current online learning challenges, a hybrid environment increases their exposure and risk. It’s not surprising that cybersecurity incidents against public K-12 schools tripled in 2019.

Getting on the Syllabus: Where Does Virtual Desktop Infrastructure Fit into Remote Classrooms?

The benefits of VDI in education are clear. Firstly, the technology provides a simple way for students to learn remotely and gain the access they need to course materials and lessons. Devices such as Chromebooks are a low-cost way for schools to level the technology playing field and offer their student body a streamlined learning experience.

In addition, for teachers, VDI is a flexible way to create learning spaces and computer-based assessments that can be accessed in any location, for any student with an internet connection regardless of the age or type of machine. This is an essential part of democratizing learning, and making shared spaces that are accessible to anyone, from any background or of any means.

In fact, VDI in the classroom is nothing new, and has even supported schools in addressing some important security issues, such as lessening the reliance on legacy systems or end-of-life machines. Of course, it needs to be implemented with its own security controls from the start, such as segmentation of user access and smart protection of critical applications. School districts like Madison City in Atlanta, for example, have been using virtual machines for almost a decade as part of a program to securely save on high hardware costs and upgrades.

According to Katrina Bowling, Technology Coordinator in Madison City for 9,000+ students and 1,000+ staff,

“VDI lets us replace old machines as they die a natural death, as opposed to being forced to do it because they are inadequate. It takes us out of the endless process of refreshing PCs. Before we deployed VDI, we were four years behind on our refresh schedule, and 3,500 PCs — more than 75 percent of our inventory — were more than five years old and incapable of being upgraded to run anything beyond Windows XP”.

However, this year, as students head back to school during COVID-19, VDI adoption is being rolled out faster than ever before, which may lead to school districts skipping vital security steps.

Citrix has highlighted “the urgency with which higher education institutions need to transition quickly from a traditional campus-based model to a remote-ready model and put in place a long-term digital learning strategy”. Whether students are heading back to the classroom this semester, continuing to study from home, or somewhere in between, VDI can support schools in being ready for anything. However, when schools are being trusted with the confidential data of minors, this should only be considered when districts have the right segmentation controls in place.

The Required Reading: Understanding the Security Risk of Learning from Home with VDI

Being ready to make the leap to VDI in response to COVID-19 means understanding the heightened need for segmentation and access control when using virtual machines, as opposed to when relying on traditional data centers.

When using VDI, your critical applications and sensitive data are sharing the same server as your end users. In the case of education, those end users are any students that are studying remotely, diverse in age and experience, as well as teachers that may be utilizing this kind of technology for the first time in their careers. You’re opening an environment that is designed to be shared by many users, unencumbered by a perimeter firewall, and in which the traffic is likely to be encrypted using SSL or TLS.

As your VDI is largely open, it only takes a single infected machine for an attacker to launch a threat against an entire network, making lateral moves to other machines, accessing administrative controls or critical and sensitive information.

VDI has great security capabilities, but it is missing the ability to restrict lateral movements and reduce the risk of using the shared server environment.

A Quick Study: Handling this Threat with Micro-segmentation

The cheat sheet for securely seeing the benefits of VDI for your school environment is centered around access control. It goes without saying that students shouldn’t have the same ability to move freely through a network as is given to the IT team, or that school administrators or bursars who handle financial or aptitude data should have different permissions than are provided to the math department or the gym teacher.

Here’s how an intelligent micro-segmentation choice makes it happen:

  1. Application segmentation: Enhance governance across your school district by ring fencing critical data or systems at the VM, application, or even process level. Visualize applications by role, or interaction.
  2. User identity access policies: Tightly manage data access by creating process level policies for specific users or groups, based on information pulled automatically from the Active Directory.
  3. Baked-in compliance controls: Show that you’re taking FERPA compliance seriously, and in case of a data breach, protect financial or medical information held under your institutional roof.
  4. Strong visualization: Being able to see across a hybrid environment is essential when you have a large distributed network. Rather than segmenting based on trial and error, gain visibility from day one.
  5. Integration with breach detection: Gain immediate insight when suspicious activity is detected, alongside information-rich alerts that show exactly where and how the incident occurred.

Do the Math: Citrix + Guardicore = Secure VDI Environments for your District

Virtual Desktop Infrastructure through industry-leading solutions such as Citrix Virtual Apps and Desktops is an intelligent route to a safe school year for K-12 around the world. It sets up students with virtual spaces to learn from anywhere, and provides teachers with the technology they need to support remote learning, touchless lessons, or a mix of home and school study.

However, safe also needs to include secure.

The FBI has announced its own fears that malicious actors will use VDI to launch attacks against educational facilities, and without an A+ segmentation strategy for using VDI, your school district and the schools within are left unprotected.

Guardicore Centra is certified as Citrix-ready, and successfully validated with the latest versions of Citrix Virtual Apps and Desktops. It can run on your environment on premises, in the cloud as well as for a hybrid model. As technology partners, the combination offers extremely quick time to value for school districts that need a fast turnaround on providing a new technology to their staff and students.

If you need support in shoring up your defenses ahead of time with a micro-segmentation solution that leaves nothing to chance, find us in the Citrix-ready Marketplace, and get in touch to discuss your specific requirements.

Want to know more about securing VDI with micro-segmentation?

Read our recent white paper

Or find out how one school district improved their PCI-DSS compliance posture with Guardicore in our case study.