Altor Networks
Encyclopedia
Altor Networks, Inc., a Juniper Networks Company, is the leading innovator and provider of security for virtual data centers and clouds. The company developed the world’s first firewall purpose-built for virtual networks, a software security "appliance"
that runs in a virtualized environment and enforces security policy on a per-virtual-machine basis. Data center administrators could pinpoint a broad range of virtual network security
comprises and easily create roles-based security policies. Security policies could be continuously enforced on individual virtual machines (VM)
, even as they moved throughout the virtualized data center.
Now in its fourth release, Altor’s hypervisor-based software is a comprehensive security package featuring integrated intrusion detection (IDS), VM Introspection, security automation, and compliance assessment. Recently named the RSA Conference Innovator of the Year and a Gartner Cool Vendor, Altor delivers virtualization security solutions that protect some of the world’s most demanding virtual environments, including those of media giant Nielsen Corporation and the U.S. Army Human Resources Command.
Headquartered in Redwood Shores, Calif., Altor was founded in 2007 by security and networking experts from Check Point
Software, Cisco
and Oracle Corporation
, and has received funding from Accel Partners
, DAG Ventures
, Foundation capital
, and Juniper Networks
. On December 6, 2010 Juniper Networks announced it has acquired Altor Networks.
platform release in the early 1970s. VM technology became more widely available with the release of VMware
Workstation in 1999, and the VMWare server line in 2001 . It has been estimated that 50% of workloads will be running inside virtualized environments by as early as 2012
Whenever virtualization technology includes a hypervisor
then a virtual network
can be created within the hypervisor layer to transparently network all the virtual machines operating under a single virtualized environment. This "virtual network
" provides all the benefits and administrative responsibilities
of a physical network, with the addition of some new challenges . The founders of Altor Networks became aware early on that adoption of virtualization technologies in data centers had been accelerating for many years and several problems in virtual network security in particular became immediately apparent:
It was decided that the way to address these unique challenges was to provide a solution that operated entirely within the virtualized environment as a purpose-built appliance to provide firewalling and other security services directly inside the virtual network without recourse to external hardware firewalls or intrusion detection
appliances, or any associated VLAN rerouting out of the virtual network to the physical network and back again.
was incorporated into the Altor VF 3.0 release in September 2009. And the recent release of Altor v4.0 now leverages virtual machine introspection to bring X-ray-like visibility to internal virtual machine states for accurate compliance assessment and automated security enforcement.
Currently Altor Networks offers a virtual security appliance for use within VMware ESX, with ongoing efforts to add support for Xen/Citrix
and Microsoft HyperV/Viridian platforms.
SANS Intrusion Detection FAQs
"Intrusion Protection and Detection within the Virtual Environment"
Virtual security appliance
A virtual security appliance is a computer appliance that runs inside virtual environments. It is called an appliance because it is pre-packaged with a hardened operating system and a security application and runs on a virtualized hardware. The hardware is virtualized using hypervisor technology...
that runs in a virtualized environment and enforces security policy on a per-virtual-machine basis. Data center administrators could pinpoint a broad range of virtual network security
Network security
In the field of networking, the area of network security consists of the provisions and policies adopted by the network administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources...
comprises and easily create roles-based security policies. Security policies could be continuously enforced on individual virtual machines (VM)
Virtual machine
A virtual machine is a "completely isolated guest operating system installation within a normal host operating system". Modern virtual machines are implemented with either software emulation or hardware virtualization or both together.-VM Definitions:A virtual machine is a software...
, even as they moved throughout the virtualized data center.
Now in its fourth release, Altor’s hypervisor-based software is a comprehensive security package featuring integrated intrusion detection (IDS), VM Introspection, security automation, and compliance assessment. Recently named the RSA Conference Innovator of the Year and a Gartner Cool Vendor, Altor delivers virtualization security solutions that protect some of the world’s most demanding virtual environments, including those of media giant Nielsen Corporation and the U.S. Army Human Resources Command.
Headquartered in Redwood Shores, Calif., Altor was founded in 2007 by security and networking experts from Check Point
Check Point
Check Point Software Technologies Ltd. is a global provider of IT security solutions. Best known for its firewall and VPN products, Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology...
Software, Cisco
Cisco
Cisco may refer to:Companies:*Cisco Systems, a computer networking company* Certis CISCO, corporatised entity of the former Commercial and Industrial Security Corporation in Singapore...
and Oracle Corporation
Oracle Corporation
Oracle Corporation is an American multinational computer technology corporation that specializes in developing and marketing hardware systems and enterprise software products – particularly database management systems...
, and has received funding from Accel Partners
Accel Partners
Accel Partners is a global venture and growth equity firm funding companies from inception through the growth stage.The firm is based in Palo Alto, California with major offices in Bangalore, Beijing, London, and Shanghai....
, DAG Ventures
DAG Ventures
DAG Ventures is an American venture capital firm based in Palo Alto, California. It is known as a "coattail" fund for co-investing in later-stage private financing rounds alongside more prominent top-tier venture funds such as Kleiner Perkins, Sequoia Capital, Benchmark Capital, and Accel Venture...
, Foundation capital
Foundation capital
Foundation Capital is a venture capital firm located in Silicon Valley. The firm was founded in 1995, and manages over $2.4 billion in investment capital. It raised its seventh and largest fund of $750 million in April 2008...
, and Juniper Networks
Juniper Networks
Juniper Networks is an information technology and computer networking products multinational company, founded in 1996. It is head quartered in Sunnyvale, California, USA. The company designs and sells high-performance Internet Protocol network products and services...
. On December 6, 2010 Juniper Networks announced it has acquired Altor Networks.
Background
Computer virtualization has been in use on mainframe computers since the IBM VM/370VM (operating system)
VM refers to a family of IBM virtual machine operating systems used on IBM mainframes System/370, System/390, zSeries, System z and compatible systems, including the Hercules emulator for personal computers. The first version, released in 1972, was VM/370, or officially Virtual Machine Facility/370...
platform release in the early 1970s. VM technology became more widely available with the release of VMware
VMware
VMware, Inc. is a company providing virtualization software founded in 1998 and based in Palo Alto, California, USA. The company was acquired by EMC Corporation in 2004, and operates as a separate software subsidiary ....
Workstation in 1999, and the VMWare server line in 2001 . It has been estimated that 50% of workloads will be running inside virtualized environments by as early as 2012
Whenever virtualization technology includes a hypervisor
Hypervisor
In computing, a hypervisor, also called virtual machine manager , is one of many hardware virtualization techniques that allow multiple operating systems, termed guests, to run concurrently on a host computer. It is so named because it is conceptually one level higher than a supervisory program...
then a virtual network
Virtual network
A virtual network is a computer network that consists, at least in part, of virtual network links. A virtual network link is a link that does not consist of a physical connection between two computing devices but is implemented using methods of network virtualization.The two most common forms of...
can be created within the hypervisor layer to transparently network all the virtual machines operating under a single virtualized environment. This "virtual network
Virtual network
A virtual network is a computer network that consists, at least in part, of virtual network links. A virtual network link is a link that does not consist of a physical connection between two computing devices but is implemented using methods of network virtualization.The two most common forms of...
" provides all the benefits and administrative responsibilities
Network management
Network management refers to the activities, methods, procedures, and tools that pertain to the operation, administration, maintenance, and provisioning of networked systems....
of a physical network, with the addition of some new challenges . The founders of Altor Networks became aware early on that adoption of virtualization technologies in data centers had been accelerating for many years and several problems in virtual network security in particular became immediately apparent:
- The virtual environment had some unique security characteristics and needs;
- Those needs were not being addressed effectively by IT security vendors; and
- Traditional security technologies were ill-equipped to protect virtualized IT resources.
It was decided that the way to address these unique challenges was to provide a solution that operated entirely within the virtualized environment as a purpose-built appliance to provide firewalling and other security services directly inside the virtual network without recourse to external hardware firewalls or intrusion detection
Intrusion detection
In Information Security, intrusion detection is the act of detecting actions that attempt to compromise the confidentiality, integrity or availability of a resource. When Intrusion detection takes a preventive measure without direct human intervention, then it becomes an Intrusion-prevention...
appliances, or any associated VLAN rerouting out of the virtual network to the physical network and back again.
Products
Altor released the Virtual Network Security Analyzer (VNSA) as a tool to monitor and analyze virtual network traffic in March 2008, followed on by the Altor VF 1.0 (which included the VNSA as a module) in October 2008. Integrated signature-based network intrusion detectionNIDS
NIDS can refer to:* National Institute for Discovery Science* Network intrusion detection system, a system that tries to detect malicious activity by monitoring network traffic...
was incorporated into the Altor VF 3.0 release in September 2009. And the recent release of Altor v4.0 now leverages virtual machine introspection to bring X-ray-like visibility to internal virtual machine states for accurate compliance assessment and automated security enforcement.
- Altor VNSA (Virtual Network Security Analyzer) Released March 2008 (now part of Altor VF)
- Altor VF 1.0 (Altor Virtual Firewall) Released October 2008
- Altor VF 2.0 Released March 2009
- Altor VF 3.0 Released September 2009
- Altor v4.0 Released June 2010
Currently Altor Networks offers a virtual security appliance for use within VMware ESX, with ongoing efforts to add support for Xen/Citrix
Xen
Xen is a virtual-machine monitor providing services that allow multiple computer operating systems to execute on the same computer hardware concurrently....
and Microsoft HyperV/Viridian platforms.
Awards and recognition
Altor Networks accolades include:- “Most Innovative Company at RSA Conference 2010″
- Gartner 2010 "Cool Vendor"
- Interop Tokyo 2010 Best of Show
- SearchServerVirtualization 2009 Bronze Award: Altor Networks Virtual Firewall
- SC Magazine 2009 Innovator
- 2009 Frost & Sullivan North American Product Innovation Award for server virtualization security
- Network Products Guide 2009 Best Products and Services Award for Altor VF Virtual Firewall
- Info Security Products Guide 2009 Tomorrow’s Technology Today Award for Altor VF Virtual Firewall
- 2008 VMware Best of VMworld Finalist for Altor VNSA
Additional reading
"40,000 Firewalls! Help Please!?"SANS Intrusion Detection FAQs
"Intrusion Protection and Detection within the Virtual Environment"