SDN Watch: NetCitadel Pledges Dynamic Security


NetCitadel, a startup in the emerging market for software-defined network security companies, on Tuesday emerged from stealth mode and unveiled its flagship product, the OneControl Security Orchestration Platform.

The idea behind the platform -- and NetCitadel -- is that virtualization and cloud technologies have made network infrastructure and data centers more dynamic, but the security technologies intended to protect those dynamic environments haven't kept pace.

In particular, the company's executives argue, most security solutions intended for heavily virtualized environments still require manual policy and provisioning changes, which are inefficient and also inadequate for enterprises that have mixed physical, virtual and cloud-based technology assets. The idea is to counteract what Gartner pegs as 95 percent of firewall breaches over the next six years that will be caused by configuration errors, not firewall flaws.

[Related: 13 SDN Companies To Keep An Eye On In 2013]

OneControl provides what NetCitadel describes as "context-aware security infrastructure," in the form of a virtual appliance that separates a network control plane from policy enforcement points. In essence, customers can use OneControl to create context-aware security using their existing infrastructure, applying intelligence -- and single-pane management -- across virtualization platforms such as VMware vCenter and security products such as Cisco ASA and Juniper SRX.

"The pressures of BYOD and cloud and virtualization are a tactical problem for enterprises in the near-term," Mike Horn, NetCitadel's CEO, told CRN. "But this infrastructure is also growing, so one thing our platform does it make it easier for enterprises to manage all the other security vendors they have, whether it's Cisco or Juniper or Check Point, and also future-proof their technologies. They get better management of what they do today and have a better path forward integrating into things such as cloud."

Founded in 2010 and based in Mountain View, Calif., NetCitadel is venture-backed by New Enterprise Associates (NEA) and other investors. The company took in a Series A round of funding but has not disclosed the amount.

OneControl is sold as a virtual appliance, with module add-ons covering virtual and cloud security features. List pricing begins at $25,000 for up to 25 security devices and increases depending on the number of devices customers need to support. Module add-ons start at $7,500 a piece.

"Customers will find value in the base platform, but as they roll out a policy change, they can synchronize it across multiple platforms and multiple vendors," said Anthony James, vice president of marketing. "This is a policy language our team built. It's an abstraction of traditional security policies that gives administrators an environment where they can make updates in real-time."

NetCitadel is targeting the upper-end of mid-size enterprises and also large enterprises, where "most everyone has a multivendor environment," Horn said, "especially when you have traditional firewall and network access control."

Horn said NetCitadel will initially sell OneControl direct to customers, but that it intends to develop a channel strategy down the road.

"It's on our minds," he said. "The security-focused channel partners will be a great opportunity for us to go to market with once we are established."

The company's executive team comes from all over the tech landscape. Horn held product management, engineering and operations roles at companies including Vidder, Avistar, Level 3 and Virtela. The other co-founders include CTO Theron Tock, who co-founded and served as CTO of Neoteris, later acquired by Netscreen and then Juniper, and Chief Engineer Vadim Kurland, a key executive on the network tools team at Google.

James was previously vice president of marketing at FireEye, and he also ran product and marketing teams at Fortinet, and, before that, Blue Coat. Vice President of Engineering Mike Morris previously spent 11 years at VMware, while Vice President of Sales Neil Stratz ran sales and technical teams at Juniper and Juniper acquire Altor Networks, CA/Wily Technology, Precise Software, Brio Technology, later sold to Oracle, and Informix, later sold to IBM).

The company is hiring, Horn added.

PUBLISHED JAN. 29, 2013