Apani offers identity aware networks

BREA, Calif., February 3, 2009 – Apani, the preeminent provider of cross-platform server isolation solutions for large enterprises, today announced the launch of EpiForce 3.5, the newest version of its single-platform security solution for protecting both virtual and physical networks. EpiForce 3.5 adds identity-based access control and encryption to create an identity aware network that enforces security policy based on the identity of the connected user.

The intersection of several trends has made the enforcement of security policy based on user identity a requirement. First, the growth of mobile workers whereby company employees are granted access the corporate networks from multiple locations requires a greater degree of flexibility and accessibility to applications. Second, the growing use of contractors requires a similar flexibility as mobile workers, but accessibility for these employees increases the exposure of applications to unauthorized personnel. Third, the growing use of virtualization technology to make data centers more dynamic requires security solutions that do not rely on physical mapping to protect sensitive data and mission-critical applications.

"Most enterprise networks are unable to distinguish between guests, contractors and employees. Applications remain visible to all users, even if they are not authorized to access them, which creates an open invitation for malicious threats," said Lawrence Orans, research director at Stamford, Connecticut-based Gartner, Inc. "Identity-aware networks enable security administrators to make unauthorized applications invisible and create the audit trails necessary for many regulations."

"Companies require access from such a diverse group of ‘users’ that traditional anonymous networks provide far too much visibility to the assets we try to protect," said Scott Ferguson, vice president of product management. "A user’s identity is playing a far larger role in access control than just login credentials."

Apani’s EpiForce 3.5 provides a single security solution that enables an identity-aware network without requiring network readdressing or reconfigurations, eliminating countless hours of maintenance to support new security initiatives. EpiForce 3.5 is a software-based alternative to using network firewalls and VLANs for security inside the corporate network. EpiForce 3.5 can be installed, deployed and configured on top of existing network infrastructure without requiring changes to the infrastructure.

According to Ferguson, identity-aware networks created with hardware force users to replace networking equipment or purchase expensive upgrades. The policy control point is the network which forbids the same level of granularity and identity-based encryption options that are available in EpiForce. "The promise of an identity aware network is to have visibility into ‘who is doing what on the network, regardless of their entry point.’ However, we’ve found that enterprise decision makers are not willing to invest hundreds of hours of time to reconfigure their network to achieve the benefits. Many companies are looking to software to help achieve the goal."

EpiForce 3.5 provides the benefits of an identity-aware network to organizations with legacy systems, contemporary platforms and virtual environments. Working at the network layer, EpiForce deploys logical security zones that are transparent to network infrastructure, users and applications, enabling them to be quickly deployed and efficiently managed from a central console. Unlike hardware-based solutions that rely on physical locations and IP addresses, EpiForce creates an identity aware network that delivers security to mixed physical and virtual data centers independent of these requirements.

EpiForce uniquely offers corporate security departments the following:

  • The creation of logical security zones that control visibility and access to data and applications based on user and system authentication;
  • User and policy-based encryption of data in motion to secure network and inter-VM traffic from internal and external threats;
  • Satisfy regulatory requirements by isolating sensitive data and applications without readdressing or reconfiguring the underlying network;
  • Secure legacy applications without recording or requiring additional user intervention;
  • Manage access control and encryption policies on physical or virtual servers and clients from a central console, and from anywhere on the network;
  • Report generation on security activities such as administrators, client software alerts, configurations, exceptions and system status through open software or standard tools such as Splunk and Crystal Reports;
  • Support for over 50 platforms and legacy machines with high availability and fault-tolerant configurations.

As a software solution, EpiForce has a low total cost of ownership, which is less costly to deploy and manage on an annual basis than security hardware. EpiForce is easy to manage, offers exceptional scalability and simple administration. Based on the EpiForce 3.5 platform, EpiForce VM extends the value of identity awareness to virtual data centers. EpiForce VM is compatible with VMware vSphere to protect VMs created and managed with VMware ESX Server 3.5, VMotion and vCenter.

EpiForce 3.5 is available immediately. More information on EpiForce can be obtained by visiting www.apani.com.