Big Data And Security: Solera Sees The Opportunity For VARs

Printer-friendly version Email this CRN article

Solera Networks rolled out a new channel partner program that it said could help VARs and service providers take advantage of enterprises' growing interest in tapping into big data repositories for security intelligence.

The South Jordan, Utah-based company introduced its 20:20 Partner Program, aimed at network security solution providers that can sell, install and maintain its DeepSee platform. DeepSee collects network packets and flows and can integrate with SIEM and IDS/IPS appliances, next-generation firewalls and anti-malware platforms. The company has technology partnerships with HP-ArcSight, LogRhythm, McAfee, Palo Alto Networks, Q1 Labs, Splunk, Dell SonicWall, Arbor Networks and Sourcefire.

In addition, Solera is readying a new DeepSee "black box" recorder that can be deployed by an enterprise and only be used by managed security providers and incident responders after a breach takes place. Partners offering incident response services can deploy the DeepSee black box to their clients for free. The appliance acts as an alarm system, silently monitoring what is happening on the network.


[Related: EMC's Greenplum: These 10 People Get Big Data]

"In the event of a breach, the service provider would break the glass and access the data they need to determine what happened," said Alex Seton, vice president of worldwide channels and strategic alliances at Solera. "At that point, costs would be incurred once the black box is recovered."

The trend for big data security analytics is now emerging as large organizations collect network packets and proactively mine them with logs and other data for security intelligence, said Jon Oltsik, a senior principal analyst at Enterprise Strategy Group.

Incident responders often connect their own inspection tools to network capture appliances when conducting breach investigations. Appliance makers' goal is to have strong analytics and incident detection and alerting combined with easy-to-use dashboard displays, Oltsik said.

"The traditional tools people use for incident detection are either not accurate or not scalable," he said. "It's about analytics and visibility; whatever vendor can look at realtime logs, flows and IP packets and bring those things together with the best rules and visualization wins."

Seton said Solera has been working with the channel on targeting midsize and large enterprise companies for the past year and a half. Solera typically sells to government accounts, but threats have moved from government to commercial enterprises trying to safeguard intellectual property, Seton said.

"We've seen that trend over the last two years and hence we need a commercial channel as well," Seton said.

NEXT: Solera Partner Sees Potential

Printer-friendly version Email this CRN article