Nakina Systems is trying to establish a new beachhead in the network security space, launching what it calls a "secure network auditing platform," which applies big data and analytics, layered on top of network configuration scanning and identity access management, to address the complex security challenges of today's heterogeneous networks, including physical and virtual elements. (See New Nakina Platform Targets SDN/NFV Security.)
The announcement comes as security concerns are growing around deployment of SDN and NFV. While both offer the potential for improving security, they also introduce new vulnerabilities and a period of uncertainty, as functions and equipment go from being rooted in established network approaches to being much more dynamic. (See The Security Challenge of SDN.)
The addition of billions of connected devices and extended wireless network connections in the Internet of Things creates a major new attack surface, with many more points of vulnerability, notes Rob Marson, VP of global marketing for Nakina Systems Inc. Service providers need new ways to enable identity management and detect and prevent security threats that take into account the much more dynamic nature of their networks.
The new NII Defender builds on Nakina's Network Integrity Framework, the software vendor's management and network orchestration (MANO) enablement platform, designed to create a layer of abstraction and allow orchestration at a service level across multiple domains and out to multiple endpoints. Nakina already offers a suite of integrity applications for managing and security physical and virtual networks. (See Management & Orchestration Enablement Strategies Required for NFV Commercial Success.)
"With NII Defender, we have integrated a couple of existing apps into a solution that we are calling a secure network auditing platform," Marson says. "As the name implies, it helps protect the network by applying security policies and doing continuous network-wide configuration scanning."
Nakina also enhanced its Network Integrity Framework to allow the automation of business processes, he says, and that is built on exposing northbound APIs into a data analytics layer. As data is collected, it can be analyzed and anomalies can be detected and security policies and/or traffic quarantines applied to prevent and react to potential threats in the network, regardless of where they occur.
As more IT-based gear including servers, hypervisors and other data center equipment is integrated into the service delivery process, taking an end-to-end approach becomes more critical, Marson notes.
"We are getting a lot of good traction on this with customers who are reaching the critical stage where their networks are so big they can't protect and secure them, and now they are introducing NFV and SDN, and the network is changing underneath," Marson says. "The service provider community doesn't have a greenfield environment so it's small cells, macro cells, DSLAMs, legacy voice systems plus virtualized networks and the cloud."
Nakina believes it is offering a holistic network security system that can keep all that together and Marson says the approach is fueling the software company's growth.
In addition, the new system enables service providers to issue compliance reports and "network integrity scorecards" that provide a full audit of user networks, as part of a managed network security service, he notes.
"That seems to be resonating as a potential high-value use for our solution as well," Marson says.
— Carol Wilson, Editor-at-Large, Light Reading