Volterra provides protected, distributed clouds for almost any application or network
The Volterra platform still seems a bit like a work in progress, but the core components are there and ready for companies that want to finally start consolidating their cloud and network management tools and devices.
Security as a service is probably one of the most popular SaaS offerings right now due to the ubiquitous nature of threats these days and the fact that countering advanced attacks requires finely tuned defenses. If a company makes or sells something like bicycles, then they probably don’t want to invest millions of dollars becoming cybersecurity experts. It’s not their business, and every dollar they spend in that area takes away from being the best in their actual field.
When we review security service offerings, one of the things we test is how well they integrate into existing network infrastructure, including clouds from different providers, private and public clouds, and the SaaS interface with existing on-premises assets. Volterra takes that compatibility a step further, providing cloud infrastructure as a service and then protects it with robust security.
The idea behind the Volterra platform is to simplify, or even eliminate, the many different management and security tools used to monitor and configure modern hybrid cloud networks. Doing that could save a lot of time for overloaded security teams, and from our testing, the various components in the Volterra platform work very well despite the fact that they have only been servicing customers for a few months.
Pricing to use the Volterra platform is reasonable considering the number of potential third-party programs, platforms and components that it could eliminate. Mid-size companies with up to 25 users and sites can commission Volterra for either $200 per node per month or 69 cents per node per hour. Large or even massive deployments are possible and can be customized according to needs. Price breaks are also available based on scale.
Describing everything that Volterra does is a bit like the old fable about blind men trying to comprehend an elephant piece by piece. Not every organization will want or need every component, though the whole elephant is available. For this review, we’ve tried to look at the most commonly used parts of the Volterra platform with an emphasis on network security.
There are two main categories of Volterra offerings, though they work together seamlessly if needed: VoltMesh and VoltStack. VoltMesh provides distributed network and security services and is the main focus of this review. VoltStack adds services and tools for distributed infrastructure and applications. Additionally, Volterra can provide a secure backbone through its global network, distributed storage, continuous verification and security for containerized environments.
Testing Volterra
Installation of the platform can fluctuate from a few minutes to a few weeks depending on which components are being used and what kind of network they are going to be monitoring. For example, if an organization is fully using AWS Cloud, getting Volterra tools and monitoring in place is almost instantaneous. Using the Volterra secure gateway and policing nodes throughout a distributed network takes more planning and time to install. For this evaluation, a fictitious ecommerce company was used with a moderate number of nodes and applications spread out in a combination of hybrid, public and private clouds, plus a few on-prem assets.
CSO
Because the Volterra platform can do so many things, the dashboard can be customized based on a user’s role. This is a general security health report of all the sites a company is managing, which is probably what a security operations manager would want to see when they log in.
CSO
The platform can track the location data for assets and what datacenter at Volterra they are using. In general, the platform will try to find the closest one, which is why the company spreads them out around the globe.
CSO
Because Volterra works from network level three to seven, it can track very specific traffic moving through an application or process and the network as a whole. It can spot troubles before they become a major problem.
CSO
Volterra allows for overall views of the entire network regardless of complexity, right down to single endpoints that might need help.
CSO
Volterra can spot when things are happening that should not be allowed and generates an alert. Currently it can’t rank those alerts or group them like a security information and event manager (SIEM). But the data can be offloaded to other devices designed to track those things. Company officials say that adding their own SIEM-like tool is a part of the roadmap for the product.
We started by logging into our fictitious company’s secure portal to manage assets as a security operations team member. Because of our role, we were shown all of the sites, nodes and assets that the platform was managing. The first thing that we did was create a new global firewall rule. This was a fairly simple task and our rule was pushed out to all of the firewalls throughout our infrastructure. Volterra provides firewall services as part of the VoltMesh product. It can manage other firewalls and check them for compliance, but over time an organization could also just let the VoltMesh platform handle firewall services to simplify operations.
Next we tested the ability of Volterra to bridge the gap across multiple clouds and on-prem assets. We did that by crafting a new global security policy. Doing that on a network with nodes from multiple cloud providers and types is always a big chore, as the rule normally has to be duplicated in each environment. But with Volterra providing the management functions, it was as simple as pushing the rule out to a homogeneous network. All of the relevant devices and platforms were automatically configured to conform to the new policy regardless of what kind of cloud they were in or if they were supporting the physical infrastructure. This would enable global rules to be pushed out in just a few minutes despite network complexity.
Next we logged back into the Volterra console as a developer. In this case, we were shown all of the applications and assets that the developer was responsible for managing. The emphasis for a developer is more on delivery, application health and load balancing, things that Volterra provides within the platform.
Looking at the service mesh graphic for the ecommerce application, we could tell that one area was slightly overtaxed while another was misconfigured. Fixing both those problems was relatively simple since Volterra provided a unified interface that was tapped into the entire infrastructure. In fact, because load balancing is provided by the platform, that problem could have been automatically fixed as it happened. It was disabled so that we could do it manually as part of our testing, which is also an option for customers who may not be fully comfortable with automation. Eliminating the misconfiguration was also quite easy.
Because Volterra has access to the network from Layer 3 though Layer 7, it can spot most traffic anomalies as well as attack indicators. It generates alerts when something bad is detected, but currently can’t rank or prioritize them like a security information and event manager (SIEM) would. The data can be offloaded to an SIEM, but organizations won’t be able to consolidate that component of their security infrastructure through Volterra just yet.
The bottom line
In a lot of ways, Volterra is ahead of the curve. Providing network monitoring and security from end to end across multiple clouds and network types is the natural progression of the movement to SaaS. It still seems a little bit like a work in progress, but the core components are there and ready for companies that want to get in on the ground floor and finally start consolidating their fleet of cloud and network management tools and devices.
Copyright © 2020 IDG Communications, Inc.