Solarflare’s ‘Micro-Segmentation Security’ Puts the Firewall Inside the Data Center
Solarflare, well-established on Wall Street for its low-latency networking trading platforms, is moving beyond the financial services industry with a general-purpose hardware server firewall that has some data center security experts taking notice.
The company has announced SolarSecure, the first server firewall technology to be based in the network interface controller (NIC), enabling IT managers to detect threats from inside the data center, where 90 percent of IP traffic flows. SolarSecure is delivered within Solarflare’s XtremeScale 8000 Series NIC, which inspects every packet at line speed and, according to the company, with no loss of performance.
SolarSecure said its NIC-based approach enables “micro segmentation of security policies” down to a VM or container microservice workload, combined with NIC-based security services that can be delivered on a per-VM or per-microservice basis. Using the SolarSecure Manager, packet surveillance can be initiated and firewalls can be configured for each TCP/IP address, including learn and enforce modes, whitelisting or blacklisting, alerts, and cloaking a server by dropping packets.
“I think that it’s a great approach to a relatively untapped need for cyber security: monitoring the flow of data within a large data center that has an aggressive network of connectivity,” Bob Sorensen, analyst at Hyperion (formerly IDC), told EnterpriseTech.
“The things that jumped out at me were that this capability is located on the NIC card, which means it can inspect packets at line speed as they fly by, offer no additional load on the computational processors, and are removed from most forms of hacking as they are remote from the operating system and user driven applications. It’s a nice way to do business.”
Ahmet Houssein, Solarflare’s vice president, marketing and strategic development, told EnterpriseTech that locating the firewall in the server’s NIC means a breach can’t take place using root access to a software application or operating system platform. “It means I can now detect who goes in and out of that network,” he said, “and also who’s the recipient inside the office or whose app inside the server is receiving and sending that data.”
By collecting high volumes of data from the NIC and feeding it into a data lake, SolarSecure can apply machine learning techniques to network flow analytics and “learn things about the office and the infrastructure. I can also start to know things about workflows, how things should normally run,” in order to develop policies and detect anomalies.
Deployed as a fully featured firewall platform, Houssein said, SolarSecure provides integrated packet surveillance, filtering and server cloaking, and scales at a cost of $300 per NIC.
As part of the launch, Solarflare announced that two managed service providers, Trading Technologies, Chicago, and Cloudwick, Newark, CA, are integrating SolarSecure hardware technology into their service platforms.
Trading Technologies’ TT Platform is a trading framework that allows mobile trading on virtually any device. “The whole challenge in providing a low-latency trading platform is to make the infrastructure as thin as possible,” said Dan Feldman, vice president of systems and network engineering at Trading Technologies. “Adding firewall appliances adds hops and latency. By placing a Smart NIC with SolarSecure in line with the transactions, we eliminate hops and deliver a similar security narrative.”
Cloudwick’s CDL provides a managed security solution scaled for the enterprise, offering server cloaking and packet “capture everywhere” solutions for compliance, risk mitigation and security by securing packets within data lakes in the cloud. “Our business is modernizing data security for scale-out environments,” said Mark Schreiber, general manager at CDL. “With software-defined network processing on every server, SolarSecure provides both the granularity and scalability we need in a security platform to cloak data lakes from prying eyes.”