Showing posts with label Security. Show all posts
Showing posts with label Security. Show all posts

Tuesday, February 18, 2020

Telco Security Alliance share threat intelligence

The Telco Security Alliance, whose members include AT&T, Singtel and Telefónica, announced new collaborative efforts to detect and eliminate threats from customer environments.

The hope is that by continuously sharing the latest threat intelligence and indicators of compromise (IoCs) related to cybersecurity threats and global attack campaigns, operators can help organizations as the threat landscape evolves.

Telco Security Alliance threat intelligence is derived from multiple sources including anonymized data from alliance member security operations centers and security investigations. By pooling valuable information on new malware campaigns and indicators of compromise from ongoing attacks, our customers gain a more global and complete view of cybersecurity developments that may impact operations.

Joint threat intelligence sharing will allow our security analysts to take more proactive means to combat malicious activities. We will accomplish this by writing and pushing signatures for newly discovered malware and phishing campaigns across customer products and environments down to individual endpoints. The different feeds serving the threat intelligence instruments will utilize the AT&T Alien Labs® Open Threat Exchange® (OTX™) platform.

The Telco Security Alliance formed by AT&T, Etisalat, Singtel, SoftBank and Telefónica, is the first global security alliance between telecom operators. The alliance aims to improve each member’s ability to respond rapidly to cybersecurity threats. The Telco Security Alliance aims to help enterprises and government agencies address the growing threat of cyber-attacks and the evolving threat landscape. AT&T, Singtel and Telefónica are the first Telco Security Alliance members to participate in the threat intelligence sharing initiative but expansion to other members is planned.

“Access to global actionable threat intelligence has become increasingly crucial as cyber threats traverse sovereign boundaries,” said Chng Tien San, Global Head of Alliances at Trustwave, a Singtel company. “Trustwave helps enterprises perform continuous threat detection and response, and we look forward to our continued collaboration with the Telco Security Alliance as we collectively help businesses embrace digital transformation securely.”

“Our customers demand us to deliver contextualized threat intelligence, delivering as many details as possible to reveal undetected attacks. By leveraging the Alliance members’ most relevant IoCs into one single platform, it will allow us to improve our detection and response, and the emerging playbooks will let our analysts focus on the analysis and investigations of the advanced threat defeating techniques,” said Sebastián García de Saint-Léger, Telco Sector manager at ElevenPaths, Telefónica’s cybersecurity unit.

“This relationship supports the global fight against cybercrime,” said Jaime Blasco, AVP of Product Development for AT&T Cybersecurity. “This initiative already proved valuable to AT&T’s visibility into current threats, and as we continue to work together, our focus is on utilizing this relationship to deliver better threat intelligence to our customers.”

Thursday, January 23, 2020

CloudKnox raises $12M for identity authorization for cloud

CloudKnox Security, a start-up based in Sunnyvale, California, raised $12 million for its work in identity authorization for hybrid and multi-cloud environments.

CloudKnox recently added new privilege-on-demand, auto remediation and anomaly detection capabilities, integration with AWS IAM Access Analyzer and support for VMware Cloud on AWS. The company was also recently awarded two patents: the first for activity-based access control in heterogeneous environments; and the second for a method and system to detect discrepancy in infrastructure security configurations.

The funding round was led by Sorenson Ventures with participation from early investors, including ClearSky Security, Dell Technologies Capital and Foundation Capital. This brings total funding raised to date to $22.75M.

CloudKnox also announced several key additions to the company’s board and executive team. Stephen Ward, CISO at The Home Depot; Ken Elefant, managing partner at Sorenson Ventures and Suresh Batchu, co-founder and CTO at MobileIron, joined the company’s Board of Directors. The company also appointed John Donnelly as vice president of sales. John has more than 30 years of experience as a sales leader, including roles as VP of sales for MobileIron, Vontu and, most recently, as a sales advisor for ClearSky Security and Wing Venture Capital.

“We’ve seen exceptional growth from customers and prospects looking to address the number one risk in their cloud infrastructure,” said Balaji Parimi, CEO and founder at CloudKnox Security. “This positioned us to pre-emptively secure another round of funding to leverage strong market adoption and accelerate our customer expansion. We’re delighted to have Sorenson Ventures join our current investors, who continue to show their commitment to our success, welcome John to our team, and Stephen and Suresh to our board.”

Wednesday, January 22, 2020

Automating Threat Awareness in Networks



Thanks to breakthroughs in behavioral analytics, threat intelligence continues to advance. How can points-of-enforcement leverage these gains to build more secure networks?

Samantha Madrid, Vice President of Network Security Business & Strategy, Juniper Networks, discusses strategic considerations for connected security.

For more great insights from top thought leaders and access to free market reports visit https://nginfrastructure.com/

NETSCOUT brings its next gen DDoS protection for Service Providers

NETSCOUT SYSTEMS introduced a new solution for delivering DDoS visibility and protection for service providers and large enterprises. Arbor Sightline with Sentinel combines core ARBOR NETWORKS and NETSCOUT Layer 7 technologies with intelligent analytics, machine learning, and automation.

“A majority of the world’s internet service providers, along with data center operators and large network operators, rely on NETSCOUT Arbor solutions for advanced DDoS protection,” said Tom Lyons, vice president of product management, NETSCOUT. "Sightline with Sentinel significantly builds upon NETSCOUT’s Smart Data technology, which uses its patented Adaptive Service Intelligence (ASI) technology leveraging Layer 7 visibility and intelligent analytics to deliver smart visibility and detection that identifies application-layer threats at Terabit scale. NETSCOUT is the first to deliver inter-provider signaling to give ISPs and large network operators the means to coordinate their attack response. Also, Sightline with Sentinel provides orchestrated mitigation that allows the network to play an active role as a defense shield to block threats closer to the network’s edge, enabling next-generation always-on, value-added services.”

For ISPs, Sightline with Sentinel leverages NETSCOUT Smart Data to provide service- and application-layer visibility, augmenting flow data to deliver additional insight and enabling OTT service analysis and content delivery optimization across complex, high-scale networks. Using Layer 7 visibility, Sightline with Sentinel will provide ISPs with a deep understanding of the services their customers use, as well as allow them to detect a broader range of application-layer threats to enable a new breed of visibility and security value-added services.

Through inter-provider signaling, Sightline with Sentinel allows for sharing of attack data between ISPs and large network operators regionally and across the globe. The new inter-provider signaling function allows these network operators to share their attack data and proactively coordinate defense against DDoS attacks, stopping them nearer to their source.

http://www.netscout.com

Tuesday, January 7, 2020

MYHSM brings Payment Hardware Security to Equinix

MYHSM, which offers Payment Hardware Security Modules (HSMs) as a Service, will host its equipment on Platform Equinix and use Equinix connectivity services.

Equinix operates over 200 data centers around the world with access to all Tier 1 Network routes and with a 99.9999% uptime record.

MYHSM that Equinix data centers are certified to PCI DSS (Payment Card Industry Data Security Standard) meaning that payments organisations across the world can now secure their transactions by connecting to MYHSM’s PCI PIN certified service with high levels of performance, security, and reliability, in a fully PCI-compliant environment.

John Cragg, CEO at MYHSM, commented: “MYHSM is delighted to be working with Equinix, which is a real enabler for the payments industry. We are now partners with the global leader in interconnection as well as with Thales, the global leader in Payment HSMs. These partnerships put us in pole position to meet not only the existing demand for Payment HSM as a Service but also the explosive growth being generated by the dash for the cloud which is happening all around us."

https://myhsm.com

Thursday, December 5, 2019

CyrusOne hit by ransomware attack

CyrusOne was hit by a ransomware attack impacting at least six of its data center colocation managed services customers.

In a statement, CyrusOne said its working to restore availability after a ransomware program encrypted certain devices. The customers are primarily serviced by CyrusOne’s New York Data Center.

CyrusOne’s data center colocation services, including IX and IP Network Services, are not involved in this incident.

CyrusOne said it is working closely with third-party experts and legal authorities to address this matter.

https://cyrusone.com/

Monday, November 4, 2019

Broadcom completes acquisition of Symantec Enterprise Security

Broadcom completed its previously-announced acquisition of Symantec's Enterprise Security Business.

The acquired product portfolio includes enterprise endpoint security, web security services, cloud security and data loss prevention.

The deal was valued at $10.7 billion in cash when it was first announced in August.

Symantec's Enterprise Security business will now operate as the Symantec Enterprise division of Broadcom and will be led by Art Gilliland as SVP and General Manager. Mr. Gilliland most recently served as General Manager of Symantec's Enterprise Security business where he oversaw the Enterprise Security product and engineering teams, Enterprise Security Worldwide Sales and the Enterprise Security customer support organization. He brings more than 20 years of experience in the security software industry.

"Today represents an important milestone as Symantec's Enterprise Security business joins our other semiconductor and software franchises that together form the Broadcom platform," said Hock Tan, President and Chief Executive Officer of Broadcom. "Symantec's Enterprise Security business expands our footprint of mission critical infrastructure software for the Global 2000. We are pleased to welcome the talented team of employees at Symantec Enterprise Security to the Broadcom family."

Thursday, October 24, 2019

Blueprint column: Stop the intruders at the door!

by Prayson Pate, CTO, Edge Cloud, ADVA

Security is one of the biggest concerns about cloud computing. And securing the cloud means stopping intruders at the door by securing its onramp – the edge. How can edge cloud can be securely deployed, automatically, at scale, over public internet?

The bad news is that it’s impossible to be 100% secure, especially when you bring internet threats into the mix.

The good news is that we can make it so difficult for intruders that they move on to easier targets. And we can ensure that we contain and limit the damage if they do get in.

To achieve that requires an automated and layered approach. Automation ensures that policies are up to date, passwords and keys are rotated, and patches and updates are applied. Layering means that breaching one barrier does not give the intruder the keys to the kingdom. Finally, security must be designed in – not tacked on as an afterthought.

Let’s take a closer look at what edge cloud is, and how we can build and deliver it, securely and at scale.

Defining and building the edge cloud

Before we continue with the security discussion, let’s talk about what we mean by edge cloud.

Edge cloud is the delivery of cloud resources (compute, networking, and storage) to the perimeter of the network and the usage of those resources for both standard compute loads (micro-cloud) as well as for communications infrastructure (uCPE, SD-WAN, MEC, etc.), as shown below.
For maximum utility, we must build edge cloud in a manner consistent with public cloud. For many applications that means using standard open source components such as Linux, KVM and OpenStack, and supporting both virtual machines and containers.

One of the knocks against OpenStack is its heavy footprint. A standard data center deployment for OpenStack includes one or more servers for the OpenStack controller, with OpenStack agents running on each of the managed nodes.

It’s possible to optimize this model for edge cloud by slimming down the OpenStack controller and running it the same node as the managed resources. In this model, all the cloud resources – compute, storage, networking and control – reside in the same physical device. In other words, it’s a “cloud in a box.” This is a great model for edge cloud, and gives us the benefits of a standard cloud model in a small footprint.

Security out of the box

Security at an edge cloud starts when the hosting device or server is installed and initialized. We believe that the best way to accomplish this is with secure zero-touch provisioning (ZTP) of the device over public IP.

The process starts when an unconfigured server is delivered to an end user. Separately, the service provider sends a digital key to the end user. The end user powers up the server and enters the digital key. The edge cloud software builds a secure tunnel from the customer site to the ZTP server, and delivers the security key to identify and authenticate the edge cloud deployment. This step is essential to prevent unauthorized access if the hosting server is delivered to the wrong location. At that point, the site-specific configuration can be applied using the secure tunnel.

The secure tunnel doesn’t go away once the ZTP process completes. The management and orchestration (MANO) software uses the management channel for ongoing control and monitoring of the edge cloud. This approach provides security even when the connectivity is over public IP.

Security on the edge cloud

One possible drawback to the distributed compute resources and interface in an edge cloud model is an increased attack surface for hackers. We must defend edge cloud nodes with layered security at the device, including:
• Application layer – software-based encryption of data plane traffic at Layers 2, 3, or 4 as part of platform, with the addition of third-party firewall/UTM as a part of the service chain
• Management layer – two-factor authentication at customer site with encryption of management and user tunnels
• Virtualization layer – safeguard against VM escape (protecting one VM from another, and prevention of rogue management system connectivity to hypervisor) and VNF attestation via checksum validation
• Network layer – Modern encryption along with Layer 2 and Layer 3 protocols and micro-segmentation to separate management traffic from user traffic, and to protect both

Security of the management software

Effective automation of edge cloud deployments requires sophisticated MANO software, including the ZTP machinery. All of this software must be able to communicate with the managed edge cloud nodes, and do so securely. This means the use of modern security gateways to both protect the MANO software, as well as to provide the secure management tunnels for connectivity.

But that’s not enough. The MANO software should support scalable deployments and tenancy. Scalability should be built using modern techniques so that tools like load balancers can be used to support scaleout. Tenancy is a useful tool to separate customers or regions and to contain security breaches.

Security is an ongoing process

Hackers aren’t standing still, and neither can we. We must perform ongoing security scans of the software to ensure that vulnerabilities are not introduced. We must also monitor the open source distributions and apply patches as needed. A complete model would include:
Automated source code verification by tools such as Protecode and Black Duck
Automated functional verification by tools such as Nessus and OpenSCAP
Monitoring of vulnerability within open source components such as Linux and OpenStack
Following recommendations from the OpenStack Security Group (OSSG) to identify security vulnerabilities and required patches
Application of patches and updates as needed

Build out the cloud, but secure it

The move to the cloud means embracing multi-cloud models, and that should include edge cloud deployments for optimization of application deployment. But ensuring security at those distributed edge cloud nodes means applying a security in an automated and layered approach. There are tools and methods to realize this approach, but it takes discipline and dedication to do so.

Sunday, August 11, 2019

McAfee acquires NanoSec for container security

McAfee has acquired NanoSec, a start-up offering a multi-cloud, zero-trust application and security platform for containers. Financial terms were not disclosed.

NanoSec developed a wrapper technology that works as an agent and runs on any flavor of Linux and many flavors of Windows OS. NanoSec also provides an agentless Container scanning and Config Audit (including CIS Benchmarks). The NanoSec Intelligent backend can be hosted by the customer on any midsize server on-premise/cloud or as a SaaS service.

Nanosec is based in Santa Clara, California and Bengaluru, Karnataka, India.

McAfee said the acquisition will enable organizations to improve governance and compliance and to reduce risk of their cloud and container deployments. NanoSec’s security capabilities will be applied to applications and workloads deployed in containers and Kubernetes and will be integrated into McAfee MVISION Cloud and MVISION Server Protection offerings. These capabilities include continuous configuration compliance and vulnerability assessment as well as runtime application-level segmentation for detecting and preventing lateral movement of threats.

“NanoSec’s technology is a natural extension for McAfee MVISION Cloud, enhancing our current CASB and CWPP products, and adding to our ‘Shift-Left’ capabilities to deliver on the DevSecOps best practice to improve governance and security," said Rajiv Gupta, senior vice president and general manager of the cloud security business unit, McAfee.

“Joining forces with McAfee means that our groundbreaking capabilities including our unique application-identity based approach for app-level protection and micro-segmentation will be available on a global scale,” said Vishwas Manral, founder and CEO of NanoSec.

Sunday, August 4, 2019

Whitepaper on 5G Security

A newly published whitepaper on The Evolution of Security in 5G, explores improvements in 5G technologies encryption, authentication, integrity protection, privacy and network availability of:

  • the unified authentication framework that enables seamless mobility across different access technologies and support of concurrent connections
  • User privacy protection for vulnerable information often used to identify and track subscribers
  • Secure Service-Based Architecture (SBA) and slice isolation optimizing security that prevents threats from spreading to other network slices
  • Improving SS7 and Diameter protocols for roaming
  • Adding native support for secure steering of roaming (SoR), allowing operators to steer customers to preferred partner networks – improving the customer experience, reducing roaming charges, and preventing roaming fraud
  • Improved rogue base station detection and mitigation techniques
  • And even more proprietary operator and vendor analytics solutions that offer additional layers of security

 The 60-page whitepaper was created by a working group of 5G Americas’ Board of Governors member companies and project leaders Sankar Ray from AT&T and Mike Geller from Cisco.

Huawei joins Paris Call for cybersecurity

Huawei announced its commitment to the Paris Call, a declaration aimed at spurring collective action toward securing cyberspace.

Launched by the French government in November 2018, the Paris Call is a declaration of commitment to work collaboratively on cybersecurity. Other signatories to the Paris Call include 67 states, 139 international and civil society organizations, and 358 private-sector companies.

“The quest for better security serves as the foundation of our existence, said John Suffolk, Global Cyber Security & Privacy Officer at Huawei. “We fully support any endeavor, idea or suggestion that can enhance the resilience and security of products and services for Governments, customers and their customers. We support global collaborative action on improving defenses against cybercrime, including openness, transparency and internationally agreed standards”.

Monday, July 8, 2019

Orange completes acquisition of SecureLink for EUR 515 million

Orange completed its previously-announced acquisition of SecureLink, a leading independent cybersecurity player in Europe, for EUR 515 million.

SecureLink provides a full range of cybersecurity services including specialized security consulting, security maintenance and support with 24/7 service desks (SOCs) as well as advanced managed detection and response capabilities (MDR). The group is also a leading value-added reseller of security software and hardware solutions, holding more than 1,000 technical or sales accreditations with blue chip security vendors.

SecureLink was founded in 2003 and is based in the Netherlands with over 660 employees and 14 offices. In 2018, SecureLink recorded IFRS revenues of €248m.

Orange said the acquisition makes it one of the European leaders of cybersecurity with c.1,800 employees, more than €600m PF revenues in 2018 and strong positions in major local markets through its unique European DNA and a comprehensive cybersecurity services offering.

Orange is already a leading player in the French market through Orange Cyberdefense (€303m revenues in 2018, up 12% vs. 2017).

Monday, July 1, 2019

TrapX raises $18 million for cyber deception technology

TrapX Security, a start-up based in San Jose, California, closed an $18 million financing round for its cyber deception technology.

The funding round was led by Ibex Investors. Existing TrapX investors, such as BRM, Opus Capital, Intel Capital, Liberty Technology Venture Capital, and Strategic Cyber Ventures also participated in the round.

TrapX's deception technology has a unique approach to threat detection as a “right data” problem, rather than a “big data” problem allowing security teams to change the economics of cyber-attacks. The company was founded in 2012.

Last month, TrapX announced the release of the latest enhancements to the company’s DeceptionGrid platform, which allows its customers to launch a virtual army of artificial users to expose cyber attackers. The company has also formed a cyber-deception user community called DeceptionNet to share deception strategies, new types of traps (decoys), and third-party connectors to greatly enhance the effectiveness of deception.

http://www.trapx.com

Tuesday, June 25, 2019

Cybereason uncovers a worldwide hack against telecom operators

Cybereason, a network security firm based in Boston with operations in Tel Aviv, disclosed Operation Soft Cell, an advanced, persistent attack targeting global telecommunications providers. The story was reported by The Wall Street Journal and other publications on Tuesday.

Cybereason says the hacking campaign was carried out by a threat actor using tools and techniques commonly associated with the Chinese-affiliated threat actor APT10. This multi-wave attacks focused on obtaining data of specific, high-value targets and resulted in a complete takeover of the network. The compromised material is believed to include call detail records (CDR) of specific individuals.

The researchers estimate the hack has been going since 2017.

Cybereason asserts that there is "a very high probability that the threat actor behind these malicious operations is backed by a nation state, and is affiliated with China."



https://www.cybereason.com/blog/operation-soft-cell-a-worldwide-campaign-against-telecommunications-providers

Monday, June 24, 2019

Vectra raises $100m for its AI-driven cloud security

Vectra, a start-up based in San Jose, California, announced $100 million in new funding for its artificial intelligence (AI)-driven cloud security using network detection and response.

Vectra's Cognito platform promises 360-degree visibility into cloud, data center, user and internet-of-things (IoT) infrastructure. The company reports 104% growth in annual recurring revenue in 2018 compared to 2017. The company will continue to ramp up initiatives aimed at addressing the global deficit in cloud security, innovating on its existing platform and expanding its global customer base.

The new funding was led by TCV and included existing investors. This brings the company’s total funding to date to more than $200 million.

“The cloud has inherent security blind spots, making it imperative to eliminate cyber-risks as enterprises move their business to the cloud,” said Hitesh Sheth, president and chief executive officer at Vectra. “The Cognito platform enables them to stop hidden cyberattacks in the cloud. We look forward to partnering with TCV and our existing investors as we continue our rapid growth.”

Wednesday, June 12, 2019

Edgewise raises $11 million for microsegmentation

Edgewise Networks, a start-up based in Burlington, Mass, announced $11 million in funding for its microsegmentation platform based on software identity.

The funding round was led by existing investors .406 Ventures and Accomplice, with additional participation from Pillar.

Edgewise reduces the network attack surface in cloud and data center environments. Edgewise said it automatically protects application workloads in seconds, adding provable security to hybrid cloud environments. Machine learning and advanced analytics enable the rapid discovery of application communication topology and attack pathways. This real-time visibility allows security teams to microsegment environments with a single click. Policies are enforced no matter where the application resides — on premises, in the cloud, or in a container — and remain in effect even as the underlying network changes.

“Our innovative, patented approach makes microsegmentation — one of the hardest problems in cybersecurity — incredibly simple to implement,” said Peter Smith, co-founder and chief executive officer at Edgewise Networks. “With Edgewise, companies can operate their applications in hybrid cloud and container environments with peace of mind, knowing that they are protected. This strong support from our investors will enable us to expand to meet the demand for automated microsegmentation.”

https://www.edgewise.net

Thursday, June 6, 2019

NTT Comm signs Zscaler for web security

Zscaler announced a global alliance partnership agreement with NTT Communications to deliver cloud-based internet and web security that scales to all users, regardless of location, enabling enterprises to securely embrace the cloud.

“As a DX Enabler™ of digital transformation, we wish to provide services that help customers transform existing businesses and create new ones. To achieve this aim, we need a cloud platform that is not only flexible and reliable but, also enables utilizing data safely and securely,” said Mr. Fumitaka Takeuchi, a security evangelist at NTT Communications. “By uniting our global communication infrastructure with the world’s highest level of robustness and managed security services with Zscaler’s flexible cloud security services, we provide data management solutions for a new era and support increased resilience in a zero-trust environment.”

“NTT Communications’ reliable communication infrastructure combined with Zscaler’s extensive cloud security platform will enable enterprises to securely transform into cloud-enabled enterprises,” said Al Caravelli, Vice President of Worldwide Global Alliances and Channels at Zscaler.

Thursday, May 30, 2019

Colt Ethernet Line Encryption leverages ADVA FSP 150

Colt Technology Services is using the ADVA FSP 150 with ConnectGuard security technology to deliver its new Ethernet Line Encryption service at up to 10 Gbps.

ADVA’s ConnectGuard Ethernet technology, which is built on an enhanced version of MACsec, uses cryptographic techniques including dynamic key exchange and hardware tamper protection. It also features comprehensive service assurance and testing functionality.

Colt’s Ethernet Line Encryption is now available in Europe, North America and Asia on metro, national and international Ethernet line circuits. Earlier this year, ADVA and Colt jointly displayed the comprehensive Layer 2 encryption service at the Berlinale Film Festival in a live proof of concept demo.

"We’re using the ADVA FSP 150 with ConnectGuard Ethernet encryption to offer robust protection for data in transport. Our Ethernet Line Encryption solution ensures that all data flowing through the Colt IQ Network is safe from attack. But what makes it especially valuable to today’s businesses is how straightforward it is to implement and that it only adds a few microseconds of latency and barely any impact on throughput,” said Peter Coppens, VP, product portfolio, Colt Technology Services. "

“Our FSP 150 ConnectGuard Ethernet technology enables encrypted connectivity with none of the complexity, latency and bandwidth cost associated with IPSec. Developed in compliance with the most stringent security standards, such as the US FIPS, it’s the ideal basis for an encryption-as-a-service offering,” commented Stephan Rettenberger, SVP, marketing and investor relations, ADVA.

http://adva.li/colt-encryption

Thursday, May 23, 2019

Credo announces MACsec device for 400G

Credo introduced a family of PHY devices supporting the IEEE 802.1AE media access controller security (MACsec) and internet protocol security (IPSec) standard for 10G through 400G port interconnects. The MACsec devices integrate 256-bit AES technology.

Credo said its new family of devices addresses security requirements for various Ethernet data link configurations in enterprise, cloud-scale data center, and service provider networks for both commercial and government deployments. This includes links between servers, switches, and routers.

"Adding security functionality to our industry-leading retimer and gearbox devices was a natural step for Credo," said Sandeep Shah, senior director of marketing at Credo. “We are able to deliver these solutions at low power in 28nm CMOS which translates into our customers ability to deploy systems with a competitive edge.”

The first member of the Credo MACsec family, the CMS42550, is available as a pin-compatible upgrade to the production shipping 400G gearbox, the CMX42550KP, which has been deployed in hyperscale data centers. The second member of the family, the CMS50216, doubles the MACsec throughput to 800G.

Highlights:

  • Supports MAC rates of 10G, 25G, 40G, 50G, 100G, 200G and 400G
  • 400G MACsec Gearbox / Retimer (CMS42550)
  • 800G MACsec Retimer (CMS50216)
  • Full MACsec Support
  • 512 Full SecY support
  • IEEE 802.1AE compliant
  • IEEE 802.1AEbn compliant (256-bit key)
  • IEEE 802.1AEbw compliant (extended packet numbering)
  • All cipher suites supported (GCM-AES-128/256, GCM-AES-XPN-128/256)
  • MACsec extensions: passing up to 4 x VLAN tags in clear
  • Full IPsec Support
  • Support for IP/UDP/ESP headers
  • Support for packets with VLAN tags
  • Advanced IPsec features for Enterprise, Data Center and Telecom applications
  • Each port can be configured to MACsec, IPsec or Bypass mode
  • Low power 28nm CMOS


http://www.credosemi.com

Wednesday, April 3, 2019

Aqua raises $62M for cloud-native security

Aqua Security, a start-up based in Tel Aviv, Israel, announced $62 million in Series C funding for its cloud-native security solutions.

Aqua’s Cloud Native Security Platform provides visibility and security automation across the entire application lifecycle, using a zero-touch approach to detect and prevent threats while simplifying regulatory compliance. Aqua has extended its platform to support serverless environments, and all major cloud and orchestration environments. Its solutions are available on demand with consumption-based pricing on the recently launched AWS Marketplace for Containers and Google Kubernetes Apps Marketplace, as well as on Azure Marketplace.

Aqua said it now has more than 100 blue-chip companies across the energy, aerospace, internet, media, travel, retail, pharmaceutical and hospitality sectors among its customers. The company also claims that its platform secures five of the world’s ten largest container production deployments.

“We are thrilled to have Insight Partners as investors to propel Aqua’s next phase of growth,” noted Dror Davidoff, CEO and co-founder of Aqua. “The adoption of cloud native technologies provides an opportunity for security to be redefined, addressing the chronic cybersecurity skills shortage through automation, and creating applications that are secure by design. With this significant investment and our focus on the needs of enterprise customers and product innovation, we can take the next step to realize our vision.”

See also