Skyfence Emerges From Stealth Mode With Cloud Security Gateway

Skyfence Networks emerged from stealth mode Thursday with a new cloud security gateway, joining a growing number of emerging vendors with a platform designed to monitor employee access to and other Web-based services to protect corporate data.

The Israel-based security startup's cloud application gateway is now generally available following a yearlong pilot program. The gateway sits between the cloud application and the cloud users to provide protection, said Ofer Hendler, Skyfence co-founder and CEO.

Skyfence is looking to leverage the channel with its go-to-market strategy, hoping solution providers can help boost broad adoption of the cloud-based service. The cloud gateway can be deployed as a fully cloud-based service or as an inline proxy or non-inline sniffer.

"We analyze all the different protocols, we understand exactly who are the users, where they are coming from, which devices they use and what data is being accessed," Hendler told CRN. "At the end of the day, the big benefit to the enterprise is cost-effective, out-of-the-box security for all their cloud applications."

Sponsored post

[Related: The 10 Coolest Security Startups Of 2013 ]

"This space is all very much emerging and it's interesting how this whole thing is taking off," said Shaq Kahn, CEO of Fremont, Calif.-based security service provider Fortifire, a Skyfence partner. "Companies now have business units with well-established cloud services, and they need an effective security strategy around that."

Skyfence is coming out the gate with full user monitoring for threat prevention and data access reports. The company said its gateway also provides activity monitoring and reporting features for risk and compliance activities. In addition to identifying suspicious endpoints, the firm can detect brute force attacks on user accounts and man-in-the-middle attacks attempting to shadow user activity. Skyfence plans to add application analysis and risk scoring followed by data loss prevention and data encryption capabilities, according to the company.

Skyfence's service uses a reverse-proxy approach, sending the traffic flow through its servers for inspection. An analytics engine establishes a fingerprint or snapshot of employee behavior over time to uncover any anomalous activity that could signal a security problem. For example, an end user that typically signs into from San Francisco but suddenly is logging in from Beijing would be flagged as suspicious and locked out of his or her account, depending on company policy.

In addition to, Skyfence supports a variety of cloud-based services, including Amazon Web Services, Box, Google Apps and Microsoft Office365, among others.

User monitoring, intrusion prevention and insider threat prevention capabilities are enabled by default out of the box. The company's management portal provides administrators with a fairly easy way to set custom policies. For example, it can be set to prevent employees from accessing services via open wireless access points in an airport or cafe or from accessing certain sensitive data that may be restricted to certain group of users. It uses information from Access Directory to provide administrators with detailed information about employee usage, including any files being accessed and changed.

NEXT: Interest In Cloud-Based Protection Is Growing

Customers are embracing reverse-proxy gateways to help boost visibility and control over data in cloud-based services, said Fortifire's Kahn, who added that he expects Skyfence to bolster the gateway's features to better enable it to compete against established players such as Skyhigh Networks, which offers access control and application auditing.

Skyfence's service is priced at $40 a seat per year with discounted pricing for one-year to five-year subscription-based plans.

Skyfence's Hendler, a security industry veteran, previously was vice president of research and development at Websense and vice president of research and development at data leakage prevention company PortAuthority Technologies, which was acquired by Websense in 2006.

According to Hendler, today's Web security gateways were developed to provide data loss prevention and monitor internal employee behavior and do not focus on monitoring cloud-based services.

Skyfence's appliances also have Web filtering capabilities for businesses by inspecting links and websites frequently visited by employees for malicious code. Revamping Web security gateways to also provide protection for cloud-based services would be a difficult task, Hendler said, because it involves another set of protocols.

"It takes a lot of time to understand the protocols. They just don't have the ability to do it right now and it's not in their DNA," Hendler said. "Even next-generation firewalls, which are inline, the focus is internally at the end users."