Startup Taps Grid Computing For High-Performance Security

Unified threat management (UTM) has been aimed primarily at SMBs and branches offices, largely because of performance issues. UTM appliances often struggle when running multiple security applications in high-traffic environments. Newcomer Red Lambda has a novel approach to this problem: grid computing. The company believes it can scale up security performance using an enterprise's own computing resources. The software-based product, FireGrid, leverages unused computing capacity to deliver application firewall, intrusion detection/prevention, anomaly detection and application-based traffic shaping at 10Gbit/sec speed, Red Lambda claims.

"The UTM market has been plagued by performance issues, especially in large enterprises, which is what they are targeting," says Paula Musich, senior analyst for Current Analysis. "They realized that security is a highly computer-intensive operation, so why not use excess computing capacity to solve that problem, thwarting threats at lower cost." Red Lambda's grid computing platform, AppIron, is deployed on as many a 50,000 devices at one customer and on a single gateway server at another, according to the company.

Red Lambda president Robert Bird claims that computing power ceases to be an issue once the software is installed on 15-20 systems and can maintain full functionality with 30 percent churn--that is, Red Lambda assumes that up to 30 percent of the devices on the grid may be turned off at one time. Bird says grid computing power is a major advantage for the product's Intrusion Prevention System (IPS). IPS has historically been hampered by compromises between detection ability and performance so that security appliances don't become choke points on the network.

FireGrid produces network telemetry information based on live packet analysis, rather than tools such as NetFlow, so it can produce something closer to real-time anomaly analysis, Bird says. The product also leverages highly granular identity-based analysis that can track user activity, making it particularly effective against insider threats. Additionally, it associates individuals with the device they are currently logged in on, so if someone logs on with stolen credentials, they will be blocked if the real user is already on the network.

FireGrid is currently in private beta, and Red Lambda is soliciting beta customers. The company aims to release a production version in the first quarter of 2011. The company also sells Integrity, a P2P control tool based on the AppIron platform. It's largely aimed at combating music and video piracy, and is sold primarily into the higher education market.

The company faces an uphill battle to break into the enterprise security market. While grid computing was a hot topic a few years ago, emphasis has turned overwhelmingly to virtualization to maximize hardware efficiency. "On the technology side, they've got clear and smart ideas," says Current Analysis' Musich. "But they're approaching the problem from a different angle that will make people scratch their heads. They need to be equally effective on the marketing and sales side."

Beyond the marketing effectiveness, as a new entry in the security market, Red Lambda has to prove its technology is at least as effective as more traditional security products. They can do this through testing with beta customers and perhaps by submitting FireGrid to independent lab testing.

"They have to convince chief security officers that they have the chops and that their code is truly effective," she says. "It's apparent in the security market that you need the research and threat intelligence gathering operation, and they don't have that. It's another uphill climb."