“As the enterprises are moving to public cloud, a lot of principles are the same but the implementation is different in cloud. Enterprises need to ensure that both data-in-transit and data-at-rest are encrypted in public cloud.”
Hi Vishal. Please tell us about your role and the team / technology you handle at Valtix. How did you arrive here?
I am the co-founder and CTO of Valtix. We offer the first and only Cloud-native Network Security Platform to secure enterprise applications in public cloud. My co-founders and I just finished doing Software Defined Networking (SDN) in our previous startup which built ACI for Cisco. SDN was a revolution for networking infrastructure necessary for the virtualization transition. We saw a similar transition at a customer level where enterprises are either migrating their applications or building new ones in public cloud. Network security was lagging behind in both the transitions and was still box-based. We saw an opportunity to help customers as they are moving to the cloud and that is why we created Valtix with a mission to offer Enterprise-Grade Network Security for Cloud-first IT.
How has your role evolved during the pandemic? How did your previous experiences with technology management help you scale your efforts and meet unprecedented challenges?
Like every company on this planet, when the pandemic hit early last year, we all started working from home. I had experiences in the past managing big distributed teams (across time zones, across countries) so that experience really helped this sudden change. In addition, we were all in the cloud, everything accessible over the internet with no need of VPN or remote access challenges. We have doubled the team in last year and half and much of the team we have not seen face-to-face. On the other hand, selling became very different, getting both customers and the sales team used to this different world is where we are focused on in this new world.
Can you tell us more about Valtix and how you leverage Cloud computing capabilities to transform InfoSec offerings?
Valtix is wholly focused on cloud network security. So think about the advanced suite of network security services enterprises have got accustomed to but delivered as a cloud native service for public cloud workloads. Valtix is born in the Cloud and leverages Cloud in a big way.
One of the mantras we adopted was that the management system cannot have management overhead, it needs to be infinitely scalable, API driven etc. So using SDN principles, we split the data plane and control plane and took the entire control plane and stuck it in the cloud and delivered it as SaaS. Now for the data plane, that lower portion of the SDN style split and that’s where you actually enforce network security, SaaS is not the best architecture. If you’re talking to an Enterprise about backhauling production application traffic to a vendor’s Cloud environment that’s usually met with a lot of skepticism either due to compliance/regulatory, performance or cost concerns. So we implement the data plane as a PaaS that sits in that customer’s cloud account so customer’s production traffic never leaves the customer accounts.
What is the most contemporary definition of IT data management practices? How does it fit into the current security universe disrupted by AI ML and Deep Learning?
Let me focus on the security aspect of data management practices. As the enterprises are moving to public cloud, a lot of principles are the same but the implementation is different in cloud. Enterprises need to ensure that both data-in-transit and data-at-rest are encrypted in public cloud. Enterprises need to understand that in this shared responsibility model in the cloud, things like credentials, key management are well understood. Key management for some enterprises is a highly sensitive thing and they need to look for security solutions that do not require enterprises to share private keys of their applications and infrastructure with the security vendors. On the latter question, security itself generates massive amounts of data and we see a lot of customers applying AI/ML to that.
As the CTO of a Cloud-native IT ops service provider, how do you keep your own company protected from security risks?
First as an architecture principle, Valtix does not carry customer private keys or route their production traffic to us. As I had shared earlier, our dataplane (that enforces network security controls) is delivered as a PaaS in customer cloud accounts. However, we do have a SaaS delivered Control Plane where security policies are configured and managed. We follow the best practices here, have regular audits like SOC2/ISO27001/PCI etc…, certifications, Pen Testing and security awareness training for our employees.
What are the major security challenges for IT-driven companies that have erupted in the recent times? How can IT Ops automation models transform the business outcomes?
In recent times, we are seeing enterprises adopt more automation in the cloud. This would include an overreliance on automation, such as updates that are pushed from third-party software and services suppliers. This can lead to major security challenges. IT Ops automation models definitely help businesses get a positive outcome, increased innovation, agility and lower TCO. However, given recent security breaches like SolarWinds, enterprises need to ensure that automation is executing tasks that are valid and appropriate, and they have appropriate visibility and security controls in place to do just that.
What kinds of IT frameworks are most susceptible to cyber attacks? How does Valtix ensure protection to traditional IT companies who may not have a CIO in their hierarchy? Do you provide any kind of consulting services to such companies?
All. If you have something of value, then you are subject to cyber attack in this digital world. Security gaps would increase further if no one is in charge and various teams are working independently in an organization, there is no shared understanding and limited change control. Valtix ensures protection to these kinds of organizations who may not have a CIO by offering security that is adaptable to the dynamic nature of cloud and organization. Specifically, network controls are misunderstood by many – DevOps thinks that the Cloud is natively providing it. SecOps thinks DevOps is doing it. The reality is that the traditional netsec controls are ill-suited to the public cloud. Some problems like egress security, lateral movement, and layered defenses have changed in the cloud. Valtix solution (delivered as a service) offers complete visibility of a very dynamic environment – applications, networking and traffic patterns – and places network security controls automatically and appropriately in across ingress, egress, east-west, and DNS traffic.
Tell us more about the hiring trends in the security industry. What kind of talent / skills do you hire for in your company to lead Product and Marketing?
On the engineering and sales engineering side, we hire folks with cloud, security and networking skills. However, the most important skill in a startup is being able to adapt and learn new stuff. Same applies to hiring in marketing and other go-to-market functions.
Tag a person from the industry whose answers you would like to see here (Name, Title, Company, LinkedIn Link):
Neil MacDonald, Vice President and Gartner Fellow Emeritus at Gartner
Joe Skorupa, Vice President and Distinguished Analyst at Gartner
Thank you, Vishal! That was fun and we hope to see you back on itechnologyseries.com soon.
[To participate in our interview series, please write to us at firstname.lastname@example.org]
Vishal is the Co-Founder and CTO of Valtix. Vishal was also the founding CEO of Valtix. Vishal is a seasoned executive and has held engineering leadership roles across many successful startups and big companies in the networking and security space. Vishal was an early member of Andiamo Systems, Nuova Systems, and Insieme Networks, which were acquired by Cisco Systems. Vishal was also responsible for leading the security engineering team at Akamai and built their live streaming service in their early days. Prior to starting Valtix, Vishal was co-founder at Pensando Systems where he was leading security and infrastructure teams. Vishal holds an M.S in Computer Science from the University of Pittsburgh and a B.Tech in Computer Science from the Indian Institute of Technology, Delhi.
Valtix is the industry’s first cloud-native network security platform. The company combines best-in-class security with the easy deployment endemic to delivery as-a-Service. Valtix supports customer application environments in AWS, Azure, and GCP, and offers organizations full control over security without the burden of maintaining network security infrastructure. The platform is architected with built-in auto scale, app-aware security policy and a single-pass pipeline for TLS, advanced FW, IPS, advanced WAF and more.