A Mountain View, Calif.-based startup has come out of stealth mode to launch its cloud security platform with an approach that is designed to add intelligence to existing security infrastructure by providing dynamic, context-driven updates to security devices in response to changes in the network. 

NetCitadel Inc. rolled out its OneControl Security Orchestration Platform, which helps to make sure that network security policy changes are accurately implemented across cloud, virtual and physical environments. The OneControl Security Orchestration Platform is a virtual appliance designed to automatically orchestrate security intelligence by mapping context about cloud, virtual and physical environments to a variety of security infrastructure and vendor devices.  

The company, which formally launched on Jan. 29, was originated to solve a problem its founders saw around enterprises that was driven by virtualization, BYOD and cloud computing, with the goal of making network security infrastructure agile, NetCitadel CEO and Co-Founder Mike Horn said in an exclusive interview with TechZone360. Company executives outlined the basis for their business, underscoring that the platform produces results in minutes rather than weeks.

“What we found was enterprises were struggling because their security infrastructure was designed for a network world that was much slower,” Horn explained. “We have taken a manually intensive process that takes days or weeks to an automated process that takes days or minutes.”

As Horn explained, IT is challenged with delivering agility, security and compliance in increasingly dynamic data centers and networking environments that include virtualization and cloud. 

“They are struggling to cope with the volume and the expectation around response time around security policies,” he said. “In the past it’s really been a people problem – with change requests from virtualization teams, from cloud things happening in the infrastructure – they are stuck in the middle trying to handle all of these requests. They are trying to cram a lot of intelligence into security operators.”

The security process today is a manual one – which inevitably leads to errors and problems. Typically, this process requires manual changes that are time-consuming, static, and susceptible to human errors, while failing to enforce consistent policies across dynamic and heterogeneous physical, virtual and cloud environments.

“That’s where we saw a big opportunity – to develop a new technology not to replace those people, but to think about the system policies – and the communication that should be allowed. We now have an automated process that speaks the appropriate language to the appropriate devices,” Horn said.

By working with NetCitadel, he said enterprises can adapt to changing business needs, like expansion to virtual and cloud environments, with centralized security intelligence that follows users, applications and workloads.

In addition to reduced security exposure, the platform can also improve operational efficiencies, deliver agile security services, extend ROI for legacy security infrastructure and accelerate cloud adoption, according to Anthony James, vice president of marketing at NetCitadel.

OneControl 's Dynamic Object dashboard allows administators to mapobjects from Virtualization and Cloud to traditional security devices.

While many companies have jumped on the “software defined” bandwagon, the solutions they offer should be based on the capabilities they enable. Today, security policies need to shift from hardware-based attributes to logical and context-based attributes, such as applications, virtual machine (VM) identities, user or group identities, and sensitivity of content, according to Neil MacDonald, principal analyst at Gartner.

“A common misconception with the shift to software-defined security, is that all security controls must move to software,” MacDonald wrote in a recent report. For security, the primary goal must be to ensure that the appropriate security controls automatically remain in place, regardless of where an application moves, whether on-premises or to public clouds, and without requiring rearchitecting security controls.”

NetCitadel OneControl is shipped as a virtual appliance and provides modular security options, including the Virtual Security Module and the Cloud Security Module, which are sold as add ons. The Virtual Security Module enables tracking of virtualization environments (e.g. VMware vCenter) and maps this information to network security infrastructure. The Cloud Security Module is also sold as an add-on to OneControl. It adds support for tracking cloud environments (e.g. VMware vCloud Director or Amazon AWS) and maps this information to network security infrastructure. Additional modules are expected later in 2013.

OneControl's Policy Manager allows administrators to manage existingsecurity policies and dynamic object for traditional security devices

In terms of pricing, the OneControl Security Platform is available directly from NetCitadel with pricing starting at $25,000 for up to 25 security devices, and increases depending on the number of additional devices supported. Pricing for the Virtual Security Module and Cloud Security Module start at $7,500 each.

NetCitadel is venture backed, with NEA leading its Series A round of funding. Horn declined to specify the total investment secured to date.