by OpsGuru

OpsGuru partners with Valtix to accelerate Cloud-Native Network Security adoption

At OpsGuru, we like to think we’re forging a different pathway than most boutique consulting groups. We believe that given the right foundations, regardless of the combination of public and private clouds, companies can launch truly disruptive technologies upon strong foundations. We believe it so much in fact, that we’ve built technologies that enable these foundations for all major cloud vendors.

But what about network security? Why does it feel as if we’re virtually racking and stacking the same appliances that were deployed in our datacenters decades ago? The answer, somewhat surprisingly, is that you are indeed virtually deploying the same appliances of yesteryear. Most network security vendors have practically taken the same codebase from their on-premise systems and virtualized it for the cloud. Perhaps they’ve added a few bells and whistles, but does this sound like a cloud-native solutionFor a network security solution to be cloud-native, customers should expect rapid deployments, Pay as you Go (PAYG) models and theoretically limitless scaling options with little operational overhead, so why do most network security solutions still require host-by-host, network-interface-by-network-interface low-level routing configurations, and any attempt to configure scaling quickly becomes a punishment?

OpsGuru was founded on the core principles, Openness and Pragmatism. When we look to advise our customers on best of breed network security solutions we look for native cloud provider support, time to value and scalability. All of this is found in the solution from Valtix.

As a true Next-Generation and cloud-native network security solution, Valtix offers the same deep capabilities you expect from existing solutions however it’s entirely orchestrated by a SaaS-based network controller. Valtix secures Amazon Web Services, Microsoft Azure or Google Cloud environments of any complexity, and is installed within minutes. This provides several layers of protection against advanced attacks from the Internet against web (HTTP/S) and non-web applications using OWASP Top 10 and advanced application-specific rules, preventing lateral movement of threats between VPCs with IDS/IPS, and stopping exfiltration of sensitive data for outbound connections using URL filtering to only known and allowed safelist sites.

YouTube video player

On Valtix, this can be implemented using tags, such that only communication with a pre-approved list of locations are allowed. It is easy to set up a scheme such that all “dev” workloads can go to anywhere on GitHub, all “Linux” instances can get updates from canonical.com, while “prod” workloads can only go to specific organizations on GitHub and approved AWS S3 buckets, or “pci” workloads can only connect to amex.com/paymentprocessing and a small set of whitelisted destinations. Valtix complements the basic controls of security groups and provides deep security-as-a service without the complexity of deploying and managing tens of appliances.

Deployed using a cloud-native approach, Valtix is able to discover applications (instances, load balancers, VPCs…) and deploy the service and defend applications in less than one hour. This DevOps-friendly approach empowers security teams to deploy an auto-scaling security service without incurring the costs and complexity of multiple web application firewall (WAF) and next-generation firewall (NGFW) vendor appliances.

Both OpsGuru and Valtix staunchly advocate for lowering entry barriers to cloud-native implementations. Both teams work for features that scale infinitely according to demand, deployable to all locations regardless of underlying infrastructure providers and built with resiliency against disruptions. OpsGuru has chosen to partner with Valtix as a cloud network security partner because ensuring network to be always available and secure, no matter the scale of traffic is important to long-term success.

Interested in learning more about how to adopt a cloud-native architecture? Do you want to explore how a cloud-native network security solution can improve your tech stack? We’d love to hear from you.