American startup Illumio, which claims to have cracked the security issues of distributed cloud applications, has added a $100 million investment to $42 million it had already received. The company also announced that its so-called Adaptive Security Platform is available installed on F5 load balancers - and now includes encryption.
Illumio works to secure traffic within a distributed hybrid cloud system by planting agents in all virtual machines and containers, then analyzing any traffic between them and restricting it according to policies. The idea is to go beyond physical firewalls, and provide a platform that takes the security with any application and distributed in a DevOps world.
Work with what is there
“Eighty percent of security effort is invested in 20 percent of the traffic,” CEO Andrew Rubin told DatacenterDynamics. While firewalls restrict traffic coming to a site, there is more danger in traffic moving within that site, or between internal and external services on the public cloud, he said.
Rubin, a serial infosec entrepreneur [who is not to be confused with Android inventor Andy Rubin - Editor] explained that even though distributed applications can be attacked in more places, the attack surface can be reduced by monitoring and controlling all the communications between their components - for instance allowing web servers to access a database, but not to communicate with each other.
The Illumio software works in different modes. With agents installed in all virtual machines and containers, it operates in “illumination” mode, analyzing the information flows within a distributed system. Policies can then be designed which restrict what different elements can do, and once these are tested they can be applied.
In enforcement mode, the system will monitor for incorrect activity, blocking and reporting it. In a DevOps environment this is powerful, as elements of the system may be moved to other environments - for instance AWS or other public cloud services - and their security restrictions go with them.
Illumio has now added encryption to the mix, so that data traffic between elements can be encrypted - again, elements take these encrypted pipes with them when they are moved about, in a DevOps manner.
Although Illumio is loaded in the software, it makes sense to offer it on hardware like F5 load balancers, because of their ubiquity, explained Rubin. ”F5 load balancers in a data center are like Starbucks. There’s one everywhere.” Adding Illumio adds another function to the load balancer, he went on - perhaps like persuading Starbucks to sell a new range, like bagels or insurance.
Battle of the eggs
The proposition sounds similar to promises made by VMware to harden up the tech within its customers’ data centers. At a recent VMworld, VMware CEO Pat Gelsinger said that traditional data centers were “soft and gooey” inside like a softboiled egg, but could be toughened up with security features on every virtual machine.
This approach is good, agreed Rubin, but only applies to VMware products and won’t secure containers, bare metal servers or workloads in public clouds - basically anywhere outside the control of a monolithic VMware implementation. “I’ve been amazed by how much IT is running on bare metal un-virtualized servers and on Windows,” said Rubin.
Having operated for nearly two years in stealth mode, Illumio emerged in late 2015. Its publicly-announced customers include Morgan Stanley, Plantronics and NTT. The new investment comes from BlackRock Funds and Accel Partners, joiuning existing investers Formation 8, Andreesen Horowitz and General Catalyst.
Using the funding, Illumio plans to expand internationally and start selling its product more aggressively.