back to article If we could just get a word in Edgewise... New kid says it can do data center firewalls better

Edgewise Networks launched on Wednesday with a project to reengineer the firewall and make it suitable for cloud-based environments by moving beyond traditional address-centric controls. The US startup's so-called Trusted Application Networking technology is designed to block the spread of network-borne threats by allowing …

  1. really_adf

    It sounds like this is something like "anti-spam for the network". (It's 2017, so also "with machine learning" of course.)

    Anti-spam is never perfect and inevitably either blocks some legitimate mail and/or allows some spam through.

    In this case the equivalent behaviour of blocking legitimate traffic does not sound much fun to diagnose, and of allowing some bad traffic does not sound very effective...

    What am I missing?

    1. 78910

      Rather than 'anti-spam for network', maybe this is more like 'selinux for network'?

      I'm not an expert in either but that's what it sounds like to me. Who can elaborate more?

    2. Robert Helpmann??
      Childcatcher

      What am I missing?

      The devil is in the details and we only have an executive summary. It looks like an interesting tool, but I would want to know how much training and time it would take to implement, how it will scale, how well it can be tuned (to your comment concerning error rates, really_adf), what kind of overhead it will impose on equipment and how much maintenance is required once it is put in place. This certainly does not sound like a fire and forget sort of application. Also, since it is a very young tech, I would expect there to be the sorts of issues that any new software brings.

    3. NS27

      NS

      (Disclaimer: I work for Edgewise)

      We are not an anti-spam product. It's a completely different approach which prevents compromise and attack progression of network-borne threats in the cloud and data center by allowing only trusted applications to communicate over approved network paths. More on our website: www.edgewise.net. Email us at info@edgewise.net for a demo.

      1. Robert Helpmann??

        Re: NS

        More on our website: www.edgewise.net

        I went looking for product guides and other documentation, but it looks as though I have to sign up for the beta release in order to get any of that. Not much there on the site, but I see you are hiring.

      2. gudguy1a

        Re: NS

        Ahhh, hello NS.

        After I read a few of the articles that have been released since yesterday, my very first thought was:

        "super white-list" or "white-list on steroids" and sent that out along with some of the press release content to my peers across the country as a new interesting possibility (can't say which organization, sorry). But I'm not in the top level for gaining a new product...

        Edgewise does sound promising because there are no 'hard' & 'true' edge to networks any longer as one person who talked about Edgewise indicated (in one press release) - but we knew that.

        And I know and have talked to the CTO of vArmour and their micro-segmentation product, which is at the address-control level - even that is still like a firewall (even if it is a good product).

        Basically, we all have a headache in trying to figure out how to effectively stop malicious activities & behaviour (I put in the 'u' for our UK friends). If there is a product that introduces 'machine-learning' to help stop the bad guys (and gals), let's see more.

        Good luck

  2. Alistair
    Windows

    There are ways and there are ways

    "ta center by allowing only trusted applications to communicate over approved network paths."

    The impression given by statements like this is that this is a default deny, whitelist approach, but using (FTA, and comment) authentication, domain controller, and ipcs to determine if both source and destination are 'known valutes'.

    Question: -> how much *additional* network traffic is added by the whitelist to authentication verification, and what are the timecycles like? What sort of authority level is required by the 'firewall' itself in order to run this toolset?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021