Posts

Guardicore Expands Its Centra Security Platform to Protect Cloud Native Applications and Simplify Segmentation Policy

Guardicore Centra Version 5 Introduces Expanded Coverage for Cloud-Native Applications and PaaS and AI-Powered Segmentation

Boston, Mass. and Tel Aviv, Israel – February 21, 2020 – Guardicore, a leader in internal data center and cloud security, today announced several new capabilities in its Guardicore Centra Security Platform designed to help security architects visualize, segment, and protect cloud-native applications while further simplifying the process for reducing risk to mission-critical business applications through segmentation. 

Building on its broad security coverage across hybrid data center environments, Guardicore protects cloud-native applications, including serverless computing and Platform as a Service (PaaS). This enables security teams to visualize and control access to cloud-native applications from the same Guardicore Centra Security Platform where they secure applications running on bare metal systems, virtual servers, Infrastructure as a Service (IaaS) and containers. This provides security professionals with a single platform, giving them a single view of all applications and flows, and a single, consistent dashboard to create, update and enforce policies, dramatically simplifying security policy management in hybrid data center and cloud environments.

“Cloud-native application development is rapidly becoming the new standard for quickly building and scaling new business applications and optimizing existing ones,” said Pavel Gurvich, Co-founder and CEO, Guardicore. “Until now, providing adequate protection of PaaS services such as AWS S3, Azure SQL, and GCP Cloud Run has required standalone security tools to properly visualize access to these services and apply access control policies, resulting in inefficient security policy management across hybrid environments. Guardicore has simplified this by integrating cloud-native support into the Guardicore Centra Security Platform. This allows security to keep up with the pace of DevOps while maintaining the appropriate levels of security to protect sensitive data and applications.”

Security for Cloud-Native Applications

The Guardicore Centra Security Platform secures the production and operational elements of cloud-native applications by enabling IT security teams to visualize access to PaaS services, by  user, system or cloud service, providing a visual map of all interactions between those services, including application flows. Guardicore segmentation policies then control access to cloud resources to ensure only sanctioned users and systems are allowed, blocking any unauthorized access, and reducing the attack surface of cloud-native applications. 

Guardicore Centra uses multiple methods for data collection and policy enforcement for cloud-native applications, including cloud-native access control policies, cloud APIs, Guardicore agents, and utilizing code instrumentation mechanisms for serverless functions. This provides the ultimate flexibility in how to apply least privilege and reduce the attack surface of cloud-native services.

AI-Powered Segmentation

Whether deployed in existing on-premises data centers or in the cloud, segmenting applications often requires IT to manually classify assets and write segmentation rules to achieve the proper level of security. Guardicore already provides an intuitive, integrated workflow to minimize manual effort, but by leveraging AI, Guardicore Centra version 5 further accelerates and simplifies segmentation and ongoing policy management.  Guardicore Centra’s AI-powered segmentation makes asset classification even easier and reduces the time and effort needed to apply a segmentation policy to new or existing applications.

Based on intelligence collected from tens of thousands of applications and millions of flows from Guardicore customers, and combined with AI-based algorithms, Guardicore Centra provides asset classification and policy assistance in three main areas:

  1. Automatic prioritization recommendations for application segmentation. Guardicore Centra automatically provides recommendations on which applications to segment first, based on Guardicore’s continuous analysis of the applications that represent the greatest risk reduction opportunities.
  2. Scoping and classifying applications.  To help reduce or even eliminate manual processes for labeling assets and components of a particular application, Guardicore Centra automatically discovers, scopes and provides recommendations for how to label an application for easy and seamless classification.
  3. Automatic segmentation policy recommendations. Guardicore Centra provides segmentation rule recommendations based on known application behavior and a pre-defined set of policy templates for common applications. For example, for Splunk users, Guardicore Centra will provide a pre-defined set of rules for securing this application with minimal to no human intervention. This provides a quick and easy way to reduce the risk without having to write new rules or rewrite rules for another application. 

Guardicore will preview new features at the RSA Conference in San Francisco, CA, February 24, 2020 – February 27 in Guardicore Booth #4319.

About Guardicore Centra

GuardiCore Centra is a comprehensive data center and cloud security solution that delivers the simplest way to apply micro-segmentation controls to reduce the attack surface and detect and control breaches within east-west traffic. It provides deep visibility into application dependencies and enforces network and process-level policies to protect critical applications, in any environment.

About Guardicore

Guardicore is a data center and cloud security company that protects your organization’s core assets using flexible, quickly deployed, and easy to understand micro-segmentation controls. Our solutions provide a simpler, faster way to guarantee persistent and consistent security — for any application, in any IT environment. For more information, visit www.guardicore.com.

Guardicore Threat Intelligence Firewall Hardens Security Policies in Modern Data Centers

Integrated with Guardicore Centra, Smart Firewall Continually Updated with Global and Local Source Data

Boston, Mass. and Tel Aviv, Israel – February 20, 2020 – Guardicore, a leader in internal data center and cloud security, today announced the availability of its Guardicore Threat Intelligence Firewall feature, integrated into its Guardicore Centra Security Platform. The Threat Intelligence Firewall goes beyond traditional firewall measures to help harden security profiles in complex cloud environments. Managed through Guardicore Centra’s segmentation rules dashboard, it identifies and blocks incoming and outgoing connections to known malicious IPs, limiting the network attack surface and eliminating attacker activity before it reaches critical assets in the data center.

 “With our Threat Intelligence Firewall, we eliminate suspicious activity before it even reaches our customers’ data centers,” said Ofri Ziv, Guardicore Vice President of Research and head of Guardicore Labs. “Automatically configured in Guardicore Centra, our Threat Intelligence Firewall is a smart firewall that is continually updated with new data about malicious IP addresses and domains, collected by threat intelligence sensors deployed in live production data centers and cloud deployments across the globe. By identifying, flagging and/or blocking the latest attack, scan, and command and control (C&C) threats, it gives customers the ability to easily and confidently reduce risk by preventing bad actors from gaining access to the data center environment.”

With this new feature, Guardicore Centra is the only host-based segmentation platform to block traffic from malicious IP addresses identified through both its global network and local customer sources. Guardicore Threat Intelligence Firewall adds another layer of defense for security teams using the Guardicore Centra Security Platform to deploy simple and intuitive micro-segmentation controls that reduce the attack surface and detect and respond to breaches within east-west traffic. Guardicore customers benefit from:

  • Early warning about a compromised environment through instant block or alert:
    Instant notifications provide accurate and real-time information that a customer environment has been compromised, allowing faster response.
  • Up-to-date intelligence about the newest threats:
    Lists of malicious IPs are updated daily with the latest attack, scan, and C&C IPs.
  • Reduced exposure to malicious actors:
    Drastically reduce your attack surface to malicious actors that attempt to attack, scan, or make a C&C connection with your organization.

The Guardicore Threat Intelligence Firewall leverages data consumed from Guardicore’s Cyber Threat Intelligence feed, a publicly available resource tracking potential threats specific to data center and cloud infrastructure, eliminating false positives. For more details visit Guardicore’s blog

About Guardicore

Guardicore is a data center and cloud security company that protects your organization’s core assets using flexible, quickly deployed, and easy to understand micro-segmentation controls. Our solutions provide a simpler, faster way to guarantee persistent and consistent security — for any application, in any IT environment. For more information, visit www.guardicore.com.

Are You up to Date with the Latest Guardicore Cyber Security Ecosystem News?

2019 was an incredible year of growth and innovation for Guardicore and the world-class technology ecosystem that passionately supports it. The future for software-defined cloud and data center security transformation looks more attainable than ever. A growing number of technology vendors, both large and small, now work with us to deliver joint solutions to solve some of the biggest cyber security pain points of today’s enterprise customers.

We are honored to have some of the world’s most well-known companies as our customers, and to work together with them to secure their most critical assets as part of their digital transformation strategy. These customers build, run and manage an integrated set of applications and services to deliver a unique experience for their own internal and external customers in turn. Guardicore, alongside our technology alliance partners provides a pragmatic enterprise-ready solution that allows our customers to embrace a complex and innovative hybrid cloud environment, both culturally and through technology. As we continue to evolve in this new year, I wanted to mention and highlight a few updates.

Cloud Updates:

Guardicore is now available on the Microsoft Azure marketplace as a preferred solution after earning an IP co-sell status. Customers worldwide can now gain access to the Guardicore Centra security platform directly from the Azure marketplace.

Guardicore was selected to join the AWS’ Outpost announcement. Outposts are developed, installed and deployed by AWS on customer premises and managed as if they are part of the cloud. Read more about it in our recent blog.

Don’t miss the recent AWS and Guardicore Webinar featuring our own Dave Klein and Moe Alhassan, Partner Solutions Architect at AWS, on securing and monitoring critical assets and applications on AWS.

Native Cloud Orchestration Updates:

Guardicore now provides out-of-the-box native integration with all large Cloud Service Providers: Amazon Web Services, Microsoft Azure, Google Cloud Platform and Oracle Cloud Infrastructure. This is in addition to VMware and OpenStack integration and support for other orchestration services via built-in RESTful API. This allows our customers to truly embrace and use a hybrid cloud infrastructure, allowing them to migrate from on-premises data centers to any cloud or clouds choosing the right technology that meet their needs, whether that’s hosted servers, IaaS, PaaS or hybrid.

New Eco-system Product Certifications:

We are happy to announce that the Splunk application for Guardicore has passed the Splunk certification process. The application and the add on are now available directly from Splunkbase. Guardicore integration is available for version 7.3 and above, including the newly released Splunk version 8.x

Guardicore Centra is now listed in the SUSE catalogue which you can find here, and is a proud member of the SolidDriver program. It is also available in the IBM Global Solution Directory.

Identity Management Updates

Guardicore completed an integration as well as product certifications with Privileged Access Management solution provider CyberArk (Centra Privileged Session Management plugin available from the CyberArk marketplace) and identity providers Okta, Duo, Ping Identity, Ilex International, and Redhat SSO using SAML and Active Directory Integration. To learn more about using Guardicore Centra with CyberArk read our blog on the integration.

On-premises Virtual Desktops and Desktop-as-a-Service

Guardicore Centra is validated as Citrix ready for Citrix Virtual Apps and Desktops and is listed in the Citrix Ready Marketplace. You can read more about it in this blog. In addition, we have shared information on how Centra can be used to segment users on Amazon Workspaces (DaaS).

We’re also excited about the future innovation that will be announced and demonstrated later this year. As our technology partners continue to work with us to deliver integrated solutions, you can expect more exciting announcements. Stay tuned and keep up with our blog for the most up-to-date information.

Want to learn more about how Guardicore micro-segmentation can help you protect AWS workloads? Download our white paper on supplementing cloud security and going beyond the shared security model.

Read More

Guardicore Centra Integration now available on CyberArk Marketplace

We had our first integration with CyberArk in 2016. One of our very early adopters, a CISO for a large telecommunications company, realized that Guardicore Centra was becoming a critical part of his security infrastructure and decided to integrate the two products.

The CISO understood that one of the biggest security threats for his organization was the misuse of privileged accounts with elevated permissions on IT systems. He decided to use CyberArk with Guardicore in order to manage privileged accounts and protect his critical assets. Guardicore secured access to critical assets via micro-segmentation and detection capabilities, and CyberArk managed the privileged access on these systems.

Since then, we have added additional features such as identity-based policies to provide a stronger overall solution, and many other customers have benefited from these integrated capabilities.

I am happy to update you that this integration of Guardicore Centra security platform and the CyberArk Privileged Access Security Solution has recently been made available on the CyberArk Marketplace, helping our joint customers accelerate their ability to meet compliance requirements and reduce security risk without introducing additional operational complexity.

By providing the Guardicore plug-in via the CyberArk Marketplace, customers can now more easily evolve their privileged access management programs. Our integration enables CyberArk customers to protect their hybrid cloud and data center while maintaining strong privileged access controls.

As a CyberArk C3 Alliance member, Guardicore will continue to work alongside CyberArk to deliver value to shared customers through an integrated plug-in, as part of their security stack.

Privileged access is pervasive and provides attackers the “keys to the IT kingdom.”

It is widely recognized that nearly all damaging cyber-attacks involve privileged account compromise. Attackers are then able to exploit this legitimate privileged access to establish a foothold and make lateral moves across enterprise IT infrastructure. Additionally, without least privilege, internal users might abuse their access rights. By integrating the capabilities of Guardicore Centra with the CyberArk solution, customers can be better positioned to detect and stop lateral movement using both software-defined segmentation and privileged access management.

Thinking about zero trust implementation? CyberArk combines with Guardicore to take you that much closer to the adoption of the zero trust model of security.

Want to read more about how Guardicore micro-segmentation can take you closer to adopting a zero trust framework? Download our white paper on getting there faster.

Read More

Guardicore vs. VLANs. No Contest. All That’s Left is Deciding What to Do with Your Free Time

A fast-paced business world deserves security solutions that can keep up. Speed isn’t everything, but reducing complexity and time when deploying a new strategy can be the difference between success and failure. Let’s look at the process of segmenting just one business critical application via VLANs, and then compare how it works with Guardicore Centra micro-segmentation. Then you can decide how to use all that spare time wisely.

VLANs – How Long Does it Take?

If you decide to go down the VLAN route, you will need to spend around 4-6 months preparing your network and application changes. On the networking side, teams will configure switches, connect servers, and generally get the network ready for the new VLANs. On the application side, teams will build a migration strategy, starting with discovering all the relevant infrastructure, making changes to application code where necessary and preparing any pre-existing dependent applications for the change ahead of time.

After this 6-month period, you can start to build policy. It can take anywhere from 2-4 months to submit firewall change requests and have fixes and changes signed off and approved by the firewall governance teams. Meanwhile, your critical applications remain vulnerable.

Once you’re ready to move on to policy enforcement, you’ll need to spend a weekend migrating the application to the new VLAN. This includes manually reconfiguring IP addresses, applications and integration points. Don’t forget to warn your users, as there will be some application downtime that you can’t avoid. Altogether, you’ve spent up to 10 months performing this one segmentation task.

VLANs vs Guardicore

Guardicore Centra – How Long Does it Take?

Now let’s take a look at how it works when you choose smart segmentation for hybrid cloud and modern data center security with Guardicore. The preparation time is just a few days, as opposed to half a year, while Guardicore agents are deployed onto your application. This installation is simple and painless, and works with any platform. Labeling is also done during this time, integrating with your organizational inventory such as CMDB or cloud tags. Guardicore’s Reveal platform automatically discovers all traffic and flows, giving you an accurate map of your IT ecosystem, in real time, and continues to give you historical views as you proceed as well.

As policy creation is automatic, your policy suggestions can be tested immediately, and then run in ‘alert mode’ for two weeks while you tweak your policy to make sure it’s optimized to its full potential. When you’re ready to go – pick a day and switch from alert to enforce mode, with no impact on performance, and no downtime.

You’ve Just Saved 9 Months – Let’s Use It!

With security handled, and 9 months of time to kill, here are just some of the things you could achieve in your organization.

Start a Language Lunch Club

quick segmentation - start a language lunch club

90% of employees say that taking a regular lunch break helps them to feel more productive in the afternoon. Despite this, most of us often grab a quick sandwich, or don’t even manage to get up from our desks. Why not use some of your newfound company “free time” to encourage teams to eat lunch together, socializing and enjoying some much needed down-time? This time ‘off’can give colleagues a chance to get to know one another, forming new friendships, social bonds and levels of trust between your staff. If you want to try to combine this with learning a new skill and further enriching your staff (expanding their minds and improving memory and brain function), you could start a language club where your team members can learn basic skills that can support them in reaching global customers. With 180 hours to kill – that’s a whole lot of lazy, or super-productive, lunches!

Play with Lego!

quick segmentation - play with lego

Many organizations struggle with how to make team meetings more productive, especially when everyone is always so short on time. If you’re known for sharing memes like “I survived another meeting that should have been an email,” then isn’t it time you did something about it?

Lego Serious Play is one great methodology that can get staff thinking and working outside of the box. As 80% of our brain cells are connected to our hands, building and creating can unlock hidden thoughts and ideas. It’s also a fantastic way to get input from quieter team members, as it works for both introverts and extroverts, and uses visual, kinaesthetic and auditory communication. If you have some free time left over, why not try beating the world record for the tallest Lego tower, built in Tel Aviv in 2017. You’ll have to make it to 36 meters to stand a chance though!

Put more Time into Health and Wellness

quick segmentation - put time into health and wellness

With more time in the day, there’s no need to take shortcuts that adversely affect your health. Tell your employees to skip the elevator and take the stairs, or to come in slightly later and cycle instead of jumping on available public transport. If your staff take the stairs twice a day for the whole nine months of saved time – that’s 12,600 calories, or the equivalent of 50 pieces of cheesecake!

Research has shown that employees who have work wellness programs report taking 56% fewer sick days than those without. Use some of the free time you’re saving to set up 8:30am or 5:00pm wellness classes, such as yoga, mindfulness, aerobics or Zumba and give your employees more reasons to love coming to work! Activity also encourages greater focus and productivity while on the job, so consider it a triumph to flex the muscles of your body and your mind.

Do More with Your Day Job

quick segmentation - do more with your day job

Spend some time getting to know other departments in the company, sitting down with Procurement to understand recent contracts, or heading over to R&D and having that conversation you’ve been meaning to have about Intellectual Property. Nine months makes 1440 hour-long coffee meetings! Better yet, why not plan a stint to an at least semi-exotic location to visit your offshore development teams on site? Allow yourself a bit of time out of the office while getting some all-important face-time with other members of your team.

You could also use some of your extra time to visit some customers or other stakeholders in the supply chain, identifying the risks that they pose to your organization and the mitigation you could put in place. Interested in some more informal professional development? It’s the perfect time to start a training to develop or expand a new skill, or mentoring some junior employees, or think about your own career enrichment. After all, you’ve just saved nine months!

Encourage Innovation

quick segmentation - encourage innovation

Most people have heard of Google’s 20% rule, where employees are encouraged to work on side projects, new hustles, or research for 20% of their working day. But for many companies this is a huge privilege – only possible if you have enough time in the day to get all the urgent work off your desk- which we know is never the case. But now with more time to play with, literally, you can implement some enforced innovation time. With 9 months of extra time to use up, it will take four and a half years of an hour a day before your staff have used up the surplus.

Now It’s your Turn to Innovate: What Will Your Teams Do With Their Free Time?

Why not draw up a bucket list of what you could do with an extra nine months, and how it could benefit your company?

Take a look at the seven steps to operationalize micro-segmentation so you can see just how simple it would be to get started.

Read More



Guardicore Extends Support to AWS Outposts, Providing Holistic Visibility and Control Across the Hybrid Cloud

Like the real clouds that can be seen in the Earth’s atmosphere, the IT clouds are constantly changing in the DCsphere. Last year, AWS announced plans to expand the public cloud into on-premises data centers and introduced AWS outposts, which will allow customers to run AWS infrastructure on-premises or other co-location facilities, creating a new type of hybrid cloud.  AWS customers can expect to have a consistent experience, whether they are managing infrastructure on the public cloud or using Outposts. 

Today, I am excited to share the news that we will support AWS outposts just like any other part of the hybrid cloud. Together with AWS and their hardware partners we are looking forward to expanding the Guardicore ecosystem to additional areas of the ever-expanding cloud, securing customers wherever they might be.

Highlighting the Benefits of AWS Outposts

Using AWS Outposts, organizations can run services such as EC2, EBS, and EKS on-premises, as well as database services like Amazon RDS or EMR analytics. Running AWS services locally, you will still be able to connect to services from the local AWS Region, and use the same tools and technology to manage your applications. With this announcement from Guardicore Centra, security can also remain the same on-premises as you’ve come to expect with AWS on the cloud.

The value of this technology for data storage and management is powerful. For organizations that are bound by regulations for storing data off the cloud, or in countries with data sovereignty requirements or no AWS Region, Outposts is a valuable alternative that makes data processing and storage seamless.

Healthcare is a strong example of a vertical that can benefit from Outposts. Organizations can simply run Machine Learning and analytics models to their health management platforms, even where low latency processing requirements dictate that they remain on-premises. When it’s time to retrieve data, this information is stored locally and therefore quick to retrieve. Financial services is an example of another use case that can leverage Outposts to deliver banking or processing requirements within the confines of local data requirements.

Making it Happen

To provide the widest possible coverage, Guardicore will support the two variants of AWS Outposts: both VMware Cloud on AWS Outposts with our existing VMware orchestration integration, as well as the AWS native variant of AWS Outposts running on premises.

Read more about our ever-evolving capabilities for AWS security as a trusted AWS Technology Partner, and stay tuned for more details on this exciting news and other collaborations.

Want to know more about how Guardicore, a trusted AWS technology partner, helps you nail hybrid cloud security by partnering with AWS? Download our white paper on the shared security model.

Read More

Segmenting Users on AWS WorkSpaces – Yes It’s a Thing, and Yes, You Should Be Doing It!

I recently came across a Guardicore financial services customer that had a very interesting use case. They were looking to protect their Virtual Desktop (VDI) environment, in the cloud.

The customer’s setup is a hybrid cloud: it has legacy systems that include bare metal servers, Solaris and some old technologies on-premises. It also utilizes many Virtual environments such as VMware ESX, Nutanix and Openstack.

Concurrently with this infrastructure, the customer has started using AWS and Azure and plans to use containers in these platforms, but has not yet committed to anything specific.

One interesting element to see, was how the customer was migrating its on-premises Citrix VDI environment to AWS workspaces. The customer was happy using AWS workspaces and had therefore decided to migrate to using them in full production. AWS workspaces were especially useful for our customer since the majority of its users work remotely, and it was so much easier to have those users working with an AWS WorkSpace than relying on the on-premises, Citrix environment.

So, what is an AWS WorkSpace anyway?

In Forrester’s Now Tech: Cloud Desktops, Q4 2019 report, cloud desktops and their various offerings are discussed. Forrester states that “you can use cloud desktops to improve employee experience (eX), enhance workforce continuity, and scale business operations rapidly.” This is exactly what our customer was striving to achieve with AWS WorkSpaces.

AWS Desktops are named “Amazon WorkSpaces”, and they are a Desktop-as-a-Service (DaaS) solution that run on either Windows or Linux desktops. AWS provides this pay-as-you-launch service all around the world. According to AWS “Amazon WorkSpaces helps you eliminate the complexity in managing hardware inventory, OS versions and patches, and Virtual Desktop Infrastructure (VDI), which helps simplify your desktop delivery strategy. With Amazon WorkSpaces, your users get a fast, responsive desktop of their choice that they can access anywhere, anytime, from any supported device.”

To get started with AWS workspaces click here.

Our customer was using AWS WorkSpaces and scaling their utilization rapidly. This resulted in a need to add a security layer to these cloud desktops. In AWS when users access the WorkSpaces, upon access, they are automatically assigned a workspace, and a dynamic IP. Controlling this access is challenging using traditional network segmentation solutions that are IP based. Thus, our customer was looking for a solution with the following features:

    • Visibility:
      • First and foremost within the newly adopted cloud platform
      • Secondly, not just an understanding of traffic between legacy systems on-premises and in the cloud individually, but visibility into inter-platform communications, too.
    • Special attention for Amazon WorkSpaces:
      • User-level protection: Controlling which users from AWS workspaces should and could interact with the various applications the customer owned, on-premises or in the cloud.
      • Single policy across hybrid-cloud: What was once implemented on-premises alone, now needed to be implemented in the cloud, and not only in the cloud, but cross cloud to on-premises applications. The customer was looking for simplicity, a single tool to control all policies across any environment.

Tackling this Use Case with Guardicore Centra

Our customer evaluated several solutions, for visibility, segmentation and user identity management.The customer eventually choose Guardicore Centra, for the ability to deliver all of the above, from a single pane of glass, and do so swiftly and simply.

Guardicore was able to provide visibility of all workloads, on premises or in the cloud, across virtual, bare metal and cloud environments, including all assets, giving our customer the governance they needed of all traffic and flows, including between environments.

On top of visibility, Centra allowed an unprecedented amount of control for the customer. Guardicore policies were set to control and enforce allowed traffic and add an additional layer of user identity policies to control which users from the AWS workspaces could talks to which on-premises applications. As mentioned previously, upon access to AWS workspaces, users are automatically assigned a workspace, with a dynamic IP. Thus traditional tools that are IP based are inadequate, and do not provide the flexibility needed to control these user’s access. In contrast, Guardicore Centra enables creating policies based on the user’s identity to the datacenter and applications, regardless of IP or WorkSpace.

 

Where Guardicore Centra Stands Apart from the Competition

Guardicore Centra provides distributed, software-based segmentation, enabling user identity access management. This enables additional control of the network, among any workloads.

Centra enables creating policy rules based on the identity of the logged in user. Identities are pulled from the organizational Active Directory integrated with Centra. Centra requires no network changes and no downtime or reboot of systems. Policies are seamlessly created, and take real time effect, controlling new and active sessions alike.

This use case is just one example of how Guardicore Centra simplifies segmentation, and enables customers fine-grained visibility and control. Centra allows an enterprise to control user’s access anywhere, setting policy that applies even when multiple users are logged in at the same time to the same system, as well as managing third party, administrators and network users’ access to the network.

Want to learn more about securing and monitoring critical assets and applications on AWS? Join our live webinar with AWS on Thursday, December 12th at 1:00pm Eastern.
Register Now

Environment Segmentation is your Company’s First Quick Micro-Segmentation Win

We often tell our customers that implementing micro-segmentation technology should be a phased project. Starting with a thorough map of your entire IT ecosystem, your company should begin with the ‘low hanging fruit’, the easy wins that can show quick time to value, and have the least impact on other parts of the business. From here, you’ll be in a strong vantage point to get buy in for more complex or granular segmentation projects, perhaps even working towards a zero-trust model for your security.

One of the first tasks that many customers take on is separating environments from one another. Let’s see how it works.

Understanding the Context of your Data Center

Whether your workloads are on-premises, in the cloud, or in a hybrid mix of the two, your data center will be split into environments. These include:

  • Development: Where your developers create code, try out experiments, fix bugs, and use trial and error to create new features and tools.
  • Staging: This is where testing is done, either manually or through automation. Resource-heavy, and as similar as possible to your production environment. This is where you would do your final checks.
  • Production: Your live environment is your production environment. If any errors or bugs make it this far, they could be discovered by your users. If this happens in this environment, it could have the greatest impact on your business through your most critical applications. While all environments are vulnerable, and some may even be more easily breached, penetration and movement in this environment can have the most impact and cause the most damage.

Of course, every organization is different. In some cases, you might have environments such as QA, Local, Feature, or Release, to name just a few. Your segmentation engine should be flexible enough to meet any business structure, suiting your organization rather than the other way around.

It’s important to note that these environments are not entirely separate. They share the same infrastructure and have no physical separation. In this reality, there will be traffic which needs to be controlled or blocked between the different environments to ensure best-practice security. At the same time however, in order for business to run as usual, specific communication flows need to be allowed access despite the environment separations. Mapping those flows, analyzing them and white-listing them is often not an easy process in itself, adding another level of complexity to traditional segmentation projects carried out without the right solution.

Use cases for environment segmentation include keeping business-critical servers away from customer access, and isolating the different stages of the product life cycle. This vital segmentation project also allows businesses to keep up with compliance regulations and prevents attackers from exploiting security vulnerabilities to access critical data and assets.

Traditional Methods of Environment Segmentation

Historically, enterprises would separate their environments using firewalls and VLANs, often physically creating isolation between each area of the business. They may have relied on cloud platforms for development, and then used on-premises data centers for production for example.

Today, some organizations adapt VLANs to create separations inside a data center. This relies on multiple teams spending time configuring network switches, connecting servers, and making application and code changes where necessary. Despite this, In static environments, hosted in the same infrastructure, and without dynamic changes or the need for large scale, VLANs get the job done.

However, the rise in popularity of cloud and containers, as well as fast-paced DevOps practices, has made quick implementation and flexibility more important than ever before. It can take months to build and enforce a new VLAN, and become a huge bottleneck for the entire business, even creating unavoidable downtime for your users. Manually maintaining complex rules and changes can cause errors, while out of date rules leave dangerous gaps in security that can be exploited by sophisticated attackers. VLANs do not extend to the cloud, which means your business ends up trying to reconcile multiple security solutions that were not built to work in tandem. Often this results in compromises being made which put you at risk.

A Software-Based Segmentation Solution Helps Avoid Downtime, Wasted Resources, and Bottlenecks

A policy that follows the workload using software bypasses these problems. Using micro-segmentation technology, you can isolate low-value environments such as Development from Production, so that even in case of a breach, attackers cannot make unauthorized movement to critical assets or data. With intelligent micro-segmentation, this one policy will be airtight throughout your environment. This includes on-premises, in the public or private cloud, or in a hybrid data center.

The other difference is the effort in terms of implementation. Unlike with VLANs, with software-based segmentation, there is no complex coordination among teams, no downtime, and no bottlenecks while application and networking teams configure switches, servers and code. Using Guardicore Centra as an example, it takes just days to deploy our agents, and your customers won’t experience a moment of downtime.

Achieve Environment Segmentation without Infrastructure Changes

Environment segmentation is a necessity in today’s data centers: to achieve compliance, reduce the attack surface, and maintain secure separation between the different life stages of the business. However, this project doesn’t need to be manually intensive. When done right, it shouldn’t involve multiple teams, result in organizational downtime or even require infrastructure changes. In contrast, it can be the first stage of a phased micro-segmentation journey, making it easier to embrace new technology on the cloud, and implement a strong posture of risk-reduction across your organization.

Want to learn more about what’s next after environment segmentation as your first micro-segmentation project? Read up on securing modern data centers and clouds.

More Here.

Guardicore Centra Security Platform Verified as Citrix Ready

Micro-segmentation Solution Enables Strong Security for Citrix Virtual Apps and Desktops by Isolating Workloads and Preventing Lateral Movement

Boston, Mass. and Tel Aviv, Israel – November 12, 2019 – Guardicore, a leader in internal data center and cloud security, today announced its solution has been verified as Citrix® Ready. The Citrix Ready technology partner program offers robust testing, verification, and joint marketing for Digital Workspace, Networking, and Analytics solutions – with over 30,000 verifications listed in the Citrix Ready Marketplace. Guardicore completed a rigorous testing and verification process for its Guardicore Centra security platform to ensure compatibility with Citrix Virtual Apps and Desktops, providing confidence in joint solution compatibility.

“Using Guardicore Centra’s micro-segmentation capabilities, Citrix customers can now more effectively create and enforce policies that isolate Citrix Virtual Apps and Desktops securely, delivering a Zero Trust approach and preventing unauthorized access as well as lateral movement,” said Sharon Besser, Vice President of Business Development, Guardicore. “By integrating with critical technologies from Citrix and other members of our partner ecosystem we enable customers to maximize the value of existing investments while transforming security in the cloud and software-defined data center.”

“The Guardicore Centra security platform delivers a simple and intuitive way to apply micro-segmentation controls to reduce the attack surface, detect, and control breaches,” said John Panagulias, Director, Citrix Ready. “With this integration and Citrix Ready validation, we can offer customers integrated security solutions that combine Guardicore Centra with Citrix Virtual Apps and Desktops to protect virtual workloads while enhancing productivity.”

Virtual desktop infrastructure deployments require effective security controls that can scale without losing visibility and control. Unlike traditional deployments where end-user machines can be physically isolated from the data center and controlled and monitored, securing virtual environments requires a different approach, especially when applying principles of Zero Trust. Micro-segmentation is central to the network virtualization paradigm. It enables better security for these environments by isolating workloads from each other, controlling and enforcing security policies that prevent lateral movement attacks. Guardicore augments Citrix Virtual Apps and Citrix Virtual Desktops with micro-segmentation, using its advanced capabilities for flows, applications and users to create secure zones that enhance the application of Zero Trust without compromising productivity or user experience.

Available now, Guardicore Centra supports Citrix Virtual Apps and Desktops, and older versions of Citrix XenApp and Citrix XenDesktop. Guardicore Centra for Citrix products can be found immediately in the Citrix Ready Marketplace.

About Guardicore

Guardicore is a data center and cloud security company that protects your organization’s core assets using flexible, quickly deployed, and easy to understand micro-segmentation controls. Our solutions provide a simpler, faster way to guarantee persistent and consistent security — for any application, in any IT environment. For more information, visit www.guardicore.com.

Guardicore Achieves Microsoft IP Co-Sell Status: Available for Download on the Azure Marketplace – Here’s What That Means for You

A couple of weeks ago we announced that the Guardicore Centra security platform is available in the Microsoft Azure Marketplace. As you might know, Centra was available in the marketplace before, as Guardicore has worked with Microsoft for a very long time, providing various integrations as well as research for Azure and Azure Stack. Now, the latest version of Centra is available and Guardicore has achieved an IP Co-Sell status.

One of the most important capabilities that we developed for Azure provides Centra with real-time integration to Azure orchestration. This provides metadata on the assets deployed in your Azure cloud environment, complementing the information provided by Guardicore agents.

For example, information coming from orchestration may include data that can’t be collected from the VM itself, including: Source Image, Instance Name, Private DNS name, Instance Id, Instance Type , Security groups, Architecture, Power State, Private IP Address and Subscription Name.

Using this information, Centra will accelerate security migration from an on-premises data center to Azure.

In addition, we are very proud that Guardicore has achieved the Microsoft IP Co-Sell status. This designation recognizes that Guardicore has demonstrated its proven technology and deep expertise that helps customers achieve their cloud security goals. Achieving this status demonstrates our commitment to the Microsoft partner ecosystem. It also proves our ability to deliver innovative solutions that help forward-thinking enterprise customers to secure their business-critical applications and data with quick time to value, reduce the cost and burden of compliance, and securely embrace cloud adoption.