CRN Exclusive: Opaq Networks Combats Lateral Attacks With New Network Segmentation Feature

Opaq Networks has introduced network segmentation capabilities to its security offering to thwart threats that move laterally between workstations, servers and other endpoints.

The Herndon, Va.-based security startup said the microsegmentation would make it easier to layer in multi-factor authentication for highly-sensitive situations such as a system administrator attempting to log into active directory, according to Ken Ammon, Opaq's chief strategy officer.

Opaq's method of providing security from the cloud is easily understood, Ammon said, but until now presented challenges related to internal East-West attacks that some customers felt compelled to address through non-cloud software and capabilities.

[Related: CRN Exclusive: Opaq Networks Goes All-In On Channel With Launch Of Partner-Exclusive Sales Model]

id
unit-1659132512259
type
Sponsored post

As a result, Ammon said end users were still having to add additional network rules, leave firewalls locally and buy NAC capabilities when they moved their security into the cloud. However, with Opaq PathProtect, announced at The Channel Co.'s XChange Solution Provider 2018 event, Ammon said customers can now leave all of that behind.

PathProtect can instantly quarantine compromised endpoints rather than having to depend on the compromised machine to obey rules, which Ammon said is ineffective. PathProtect will be available this spring at no cost as part of the Opaq Cloud and supports Windows desktops and servers, MacOS and Linux.

The continued use of local firewalls and non-cloud software meant that MSSPs would have to send people to customer locations and replace gear, Amnon said. PathProtect's software-defined network segmentation capabilities, however, will allow channel partners to reconfigure from a single cloud portal without having to send people on location, according to Ammon said.

Building network segmentation technology is very complicated and requires lots of trials and testing since there needs to be kernel level in place from a programming perspective, Ammon said, but Opaq got a leg up through its May 2017 acquisition of Drawbridge Networks. Since then, Opaq has cloud-enabled Drawbridge's platform so that it could be put into practice as part of the company's security offering.

"This has been years in the making," Amnon told CRN exclusively.

The network segmentation also allows Opaq to better mine telemetry data from the endpoint to figure out the OS version, which programs are running, and what backup is running, Ammon said, simplifying the asset detection and identification process and giving businesses lots of useful information when attempting to determine policy alignment.

Opaq's provisioning of security through the cloud appeals to customers looking to get cybersecurity off-premises since they lack room in their data center or don't have the technical people on staff to do a good job managing it, according to Tom Turkot, vice president of client solutions for Buffalo Grove, Ill.-based Arlington Computer Products.

Turkot therefore believes that microsegmentation features that help prevent lateral attacks would be a good, logical addition to the Opaq Cloud.

"They're trying to make this as bulletproof as possible," Turkot said. "It's a logical extension of what the initial offering was."

Going forward, Turkot would like to see Opaq focus on Bluetooth and other IoT devices connecting to the network that aren't being tracked by firewalls. Security platforms need to have a better understanding of what these devices are actually doing, Turkot said, and take steps to shut down or block access to these devices if they're unwelcome.

"If you don't know what's hitting your network, you can't protect yourself from it," Turkot said. "These devices are only going to get smarter."