Today Guardicore announced that it has partnered with Mellanox to deliver the first agentless and high-performance, low latency micro-segmentation solution for high speed 10G-100G networks. The solution leverages both the Guardicore Centra security platform and Mellanox BlueField SmartNIC solutions to provide customers with hardware-embedded micro-segmentation security. This integration allows customers using BlueField SmartNICs to support micro-segmentation requirements for high speed networks or when other agent-based solutions cannot be used. The new solution is fully integrated and managed centrally by Guardicore Centra.
The exponential growth of the global datasphere is fueling demand for data centers that can keep pace with the speed, scale and security necessary to support digitally driven business,” said Pavel Gurvich, CEO and Co-founder, Guardicore. “We have long been committed to applying micro-segmentation techniques to help enterprise security teams cost-effectively reduce risk and limit the attack surface inside the data center without impacting performance. Partnering with Mellanox to offer an integrated solution is a natural extension of the many use cases we already support and allows us to address another set of specific customer requirements to protect data in high-speed, complex environments.”
The joint Guardicore-Mellanox solution addresses the challenges faced by enterprises seeking to gain visibility and to protect application workloads in high speed networks where it is not possible or practical to deploy and operate agents across their infrastructures, such as in cases of high frequency trading, multi-tenant hosting with cloud providers, or management of third-party appliances. The solution runs on the Mellanox BlueField SmartNIC, considered a computer on its own, and not on the enterprise infrastructure. It uses hardware offload to support high-speed and low-latency requirements. Deploying Guardicore technology on BlueField provides protection without compromising either the host or the compliance regulations in any way. Additionally, running the Guardicore solution integrated on BlueField delivers unmatched enforcement performance – allowing or blocking traffic at wire speed and without any impact to server performance. The solution gives enterprises the freedom to deploy Guardicore on every workload in any environment and at any scale, including private, public and hybrid cloud instances, while supporting the following deployment options:
- Agentless with BlueField SmartNIC – fully isolated from the host
- Hybrid –agent running on the compute node while taking advantage of the BlueField SmartNIC for hardware acceleration
- Native – the agent runs directly on the compute node on the host operating-system or in a guest VM/container, which is the traditional type of deployment for microservices.
The best choice of deployment options varies based on the environment and type of workloads, etc., for every enterprise. BlueField is perfectly positioned for bare-metal and Kubernetes deployments; running agents on the SmartNIC removes the need to deploy and maintain agents in these environments, enabling enterprise DevOps automation. BlueField also enhances the out-of-box experience for enterprises as they roll out microservices across their infrastructures, delivering improved agility, resiliency and business continuity.
The first agentless and high-performance micro-segmentation solution in the IT security industry, the combination of Guardicore Centra and BlueField enables ease of deployment and operations in both new and existing environments,” said Ariel Levanon, VP Cyber Security, Mellanox Technologies. “The combined Guardicore and Mellanox solution enables enhanced visibility and policy enforcement without installing agents on compute nodes. Agents are integrated into the BlueField SmartNIC in a manner fully isolated from the application workload, while also complying with strict regulations and embracing DevOps automation. As a high-speed SmartNIC, BlueField delivers unmatched performance that enforces micro-segmentation policies in 100Gb/s networks at full wire speed.”
