GuardiCore Centra provides visibility, protection through advanced micro segmentation

The GuardiCore Centra solution takes complexity out of micro segmentation by providing visibility into network assets and activity.

fog visibility island

Micro segmentation is one of the most advanced security methods that organizations can employ to protect critical assets, users, and data from both outside hackers and malicious insiders. Authorizing every process, app, user and service within a network, and what each of them can do and how they can interact, while denying everything else, is a heck of a gauntlet to throw down. It’s difficult not to use an adjective like bulletproof when describing good micro segmentation, even though we know the bad guys always seem to find a way around security eventually.

The biggest problem with micro segmentation is that it requires a huge amount of insight and visibility into a network to be protected, at both layer 4 and layer 7, which almost no organization currently has. It’s also by its nature very limiting, tightly restricting what users can do and how they can do it. Unless there is some relatively smooth procedure for authorizing new, or modifying old, processes on a network as needed, micro segmentation could accidentally restrict valid users from doing their jobs.

What GuardiCore Centra offers

The GuardiCore Centra solution takes these factors into account, eliminating much of the complexity normally associated with micro segmentation from the initial installation to ongoing program management. It’s even designed to be installed in stages if desired, existing as a robust but scaled down, agentless protection program at layer 4, or as a full-scale micro segmentation solution with agents employed on all assets in a layer 7 enabled protection suite.

Centra is also flexible enough to be deployed in virtually any configuration including on premises, within a cloud environment, or as software as a service (SaaS) running in the GuardiCore cloud. In the SaaS model, no proprietary information leaves the host network, only metadata. It can even operate in clouds that employ heavy software-defined networking, constantly adapting and tracking the shifting network topography. Pricing for Centra is likewise designed to fit into any environment and generally follows a scaled annual subscription model with costs starting at $2,500 per physical server protected and $250 per virtual machine hypervisor.

Users get access to the entire Centra suite with their subscription, including the ability to operate at layer 4 or layer 7, a discovery and visibility component, and even a dynamic deception tool to capture rogue users or apps attempting to violate segmentation rules. GuardiCore Centra was tested on virtual machines running in a cloud environment.

Visibility into network assets and activity

Because there can be no micro segmentation without visibility, GuardiCore Centra concentrates first on providing an extremely deep view of network assets and activity. In can do this in one of two ways. First, a virtual collector appliance can be deployed to collect traffic and application data. This gives a lot of insight as to activity, including the ports that various applications are using, and the data can be a good starting point to defining new policies as part of segmentation.

To continue reading this article register now

Make your voice heard. Share your experience in CSO's Security Priorities Study.