SYS-CON MEDIA Authors: Xenia von Wedel, Peter Silva, Glenn Rossman, Ava Smith, Elizabeth White

Related Topics: Security, Java, SOA & WOA, Web 2.0

Security: Blog Post

Lancope’s StealthWatch Turns Enterprise Networks into Secure Sensor Grid

Interview with Mike Potts, CEO of Lancope

Thanks for taking the time to answer my questions. Please tell us, what is Lancope all about and what do you do?

Mike Potts, CEO of Lancope: Good to be with you today....

Lancope's mission is to constantly deliver to our customers an overwhelming advantage in cybersecurity defense. We do this by turning the network into an online sensor grid providing superior network visibility and security intelligence.

With the perimeter security model 1.0 having become very porous and unreliable for stopping new age attacks (attacks without signatures, advanced persistent threats, and the evolving insider threat), a new set of security 2.0 requirements has emerged.

Through our more than 200 security algorithms, we are able to digest metadata known as NetFlow coming off of switches, routers, and various perimeter security devices to present an actionable, continuous macro level view of what has seeped through the perimeter.  Using many of the same data sources, we are also able to get a complete view of intra-network activity to identify and shut down malicious actions long before a widespread security breach could occur.

What's new at Lancope? Pls be specific with model description etc.!)

Potts: We just released StealthWatch version 6.5 and our FlowSensor 4000.  This combined offering enables us to deliver massive scalability to the largest service providers and enterprise data centers while also offering a more intuitive interface to enable a broader group of users.

The StealthWatch FlowSensor 4000 is able to handle up to 20 gigabits of sustained bandwidth to ensure our customers are able to capture the metadata required to get a complete macro view of their environment.  This is nearly a 4x increase from our previous capability.

In StealthWatch 6.5, our product managers and engineers have delivered a much more intuitive product for ease of use, with improved dashboards and enhanced security intelligence capabilities to provide actionable information for faster detection and removal of threats.   Through our StealthWatch Labs security research team, we have also provided additional protection from major threats by delivering behavioral security algorithms to Lancope customers outside of their product update cycles, as well as  the ability to create their own custom security event alarms.

Who is your target audience and how do you intend to reach them? What is the biggest challenge you face right now in telling your story and winning over new clients?

Potts: We target chief information security officers and/or their security professionals throughout Enterprise 2000 corporations, governments, healthcare and higher education facilities worldwide.

With a lot of noise in the market and many companies claiming to do similar things, it remains an ongoing challenge for all of us in the security space to separate reality from fiction.  Fortunately for us this has become easier over the past couple of years with a rapidly expanding customer base, powerful use cases, and partnerships with respected companies like Cisco who is now reselling our product off of its global price list via its 7,000 account managers.

What is your distribution model? Where to buy your product?

Potts: Up until recently our model has primarily been direct with channel fulfillment.  In addition to our resell relationship with Cisco, we are moving toward a more comprehensive global, two-tier channel for pull through and fulfillment.

I'd be curious to hear any general thoughts you have on market trends in this field. E.g. how does BYOD influence the security landscape ...

Potts: BYOD has already had a significant impact on how corporations best allow the use of personal computing devices, control costs and enable security to protect corporate networks and the users attached to them.

Ever since Lancope's beginnings, we have been an early-to-market innovator (sometimes too early) with many first-mover advantages.  In the case of BYOD, we cut our teeth within this aspect of the market in higher education long before it became widely recognized at the enterprise level.  University security professionals were dealing with students bringing various devices onto university networks with limited capabilities to police the use of personal computers, smartphones, etc. until products such as StealthWatch were available.  We were able to provide university security operators with a unique capability to identify by IP address the who, what, when, where and how that they couldn't see before to ensure that students and faculty were using the network appropriately.  Commercializing this capability for the Enterprise 2000, we were able to offer an even more robust version through an integrated product offering with Cisco attached to the Cisco Identity Services Engine (ISE).

What's the business model?

Potts: Our license model is perpetually tied to an annual maintenance fee for upgrades and enhancements.  We also have a subscription component for our continuous threat feed for customers that opt in for this service.  Core to our license structure is a usage model tied to network traffic volume which enables us to grow as our customers grow.  A typical customer ends up expanding their usage of our product 4-5x as data volumes tend to double every 2-3 years due to the rapid proliferation of voice, video and data.

How do you differentiate from your competitors?

Potts: Providing complete macro level network visibility and security intelligence is our key differentiator, whichenables our customers to see and detect what others can't and maintain business continuity. Very few companies have the ability to provide this macro view and even fewer have the ability to provide the scale and actionable security intelligence to make it operational.

Who are your customers? Can you talk about some of your clients?

Potts: We have over 750 customers worldwide in virtually every industry sector ranging from financial services, retail, technology and higher education to various government entities. A few of the customers we can publicly acknowledge are Cisco, HP and the U.S. Department of Defense.  The common denominator in all use case scenarios comes down to the comprehensive macro visibility we've been discussing.  This capability enables these customers to detect a malicious event as quickly as possible, and shut it down before significant data theft occurs or they experience a network disruption such as what a DDoS attack could bring if not rerouted in time.

Is your Company disrupting the technology market?

Potts: We are a disruptive Security 2.0 company that is taking market share from conventional security vendors as perimeter security gives way.  We are growing faster at 60% than what IDC has tagged as the "Specialized Analysis Threat Detection" market, a 1.2B market growing at 42% annually.

Who founded the company, when? What can you tell me about the story of the company's founding?

Potts: We were founded out of Georgia Tech in 1999 on the premise that there would be a better way to defend networks against attacks without virus signatures.  Lancope was a very early mover and shaker with a concept that wasn't completely embraced until the market realized that the AV and perimeter defense model was breaking down.  Today our technology has been further enhanced and has become a staple for our 750 customers worldwide, also driving partnerships that help us further extend our global reach.

What's next on your product roadmap?

Potts: The IT industry is in the midst of a global hardware refresh that will total more than 180B over the next 4 - 5 years.  Customers will demand that security is further built into the network and/or the cloud that serves them.  Lancope is working on the most forward leaning ways to deliver this level of security in software-defined networks and in private or public clouds to enable our customers to derive the highest level of business value and maintain business continuity.

Are you targeting a first VC round? If yes when and what will you use the funds for? How much money is being sought?

Potts: We have been profitable and /or cash flow positive for the past 4+ years and do not anticipate going back to the venture or private equity markets to support our growth.

What is your exit strategy?

Potts: We are focusing on growing the company rapidly and expanding our global presence, and are within the reach of the public markets in the not-too-distant future.

What else would you like to add?

Potts: We are constantly in a cat-and-mouse security war with the adversaries advancing their tactics as quickly as they can. Right now the cat at the perimeter is getting his tail kicked by a much smarter, faster, more agile and bigger mouse than ever before.  The need to move to Security 2.0 at the core of the network is here, and is fueling companies like Lancope.  I don't believe there will ever be a silver bullet to stop cybersecurity threats dead in their tracks.  The ability to facilitate best-of-breed partnerships will help better equip all of us with a more holistic strategy for more successfully defending public and private enterprises worldwide.  As we continue our record growth, we are focusing on building these relationships for the benefit of our customers and partners to stay on the cutting edge.

About Lancope

Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today's top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope's StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope's security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visitwww.lancope.com.

 

 

More Stories By Xenia von Wedel

Xenia von Wedel, Tech blogger and SVP of Transform PR/San Francisco- Mountain View. She mainly writes about B2B solutions, social media and open source software. Transform Public Relations is a full-service PR agency, serving clients in a variety of industries worldwide. The agency is focused on thought leadership content creation and syndication, media outreach and strategy. Buy her a coffee if you like her article: http://xeniar.tip.me

Latest Stories
"For the past 4 years we have been working mainly to export. For the last 3 or 4 years the main market was Russia. In the past year we have been working to expand our footprint in Europe and the United States," explained Andris Gailitis, CEO of DEAC, in this SYS-CON.tv interview at Cloud Expo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...
Connected devices and the Internet of Things are getting significant momentum in 2014. In his session at Internet of @ThingsExpo, Jim Hunter, Chief Scientist & Technology Evangelist at Greenwave Systems, examined three key elements that together will drive mass adoption of the IoT before the end of 2015. The first element is the recent advent of robust open source protocols (like AllJoyn and WebRTC) that facilitate M2M communication. The second is broad availability of flexible, cost-effective ...
High-performing enterprise Software Quality Assurance (SQA) teams validate systems that are ready for use - getting most actively involved as components integrate and form complete systems. These teams catch and report on defects, making sure the customer gets the best software possible. SQA teams have leveraged automation and virtualization to execute more thorough testing in less time - bringing Dev and Ops together, ensuring production readiness. Does the emergence of DevOps mean the end of E...
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
We are reaching the end of the beginning with WebRTC, and real systems using this technology have begun to appear. One challenge that faces every WebRTC deployment (in some form or another) is identity management. For example, if you have an existing service – possibly built on a variety of different PaaS/SaaS offerings – and you want to add real-time communications you are faced with a challenge relating to user management, authentication, authorization, and validation. Service providers will w...
How do APIs and IoT relate? The answer is not as simple as merely adding an API on top of a dumb device, but rather about understanding the architectural patterns for implementing an IoT fabric. There are typically two or three trends: Exposing the device to a management framework Exposing that management framework to a business centric logic Exposing that business layer and data to end users. This last trend is the IoT stack, which involves a new shift in the separation of what stuff happe...
The Internet of Things will put IT to its ultimate test by creating infinite new opportunities to digitize products and services, generate and analyze new data to improve customer satisfaction, and discover new ways to gain a competitive advantage across nearly every industry. In order to help corporate business units to capitalize on the rapidly evolving IoT opportunities, IT must stand up to a new set of challenges. In his session at @ThingsExpo, Jeff Kaplan, Managing Director of THINKstrateg...
Cultural, regulatory, environmental, political and economic (CREPE) conditions over the past decade are creating cross-industry solution spaces that require processes and technologies from both the Internet of Things (IoT), and Data Management and Analytics (DMA). These solution spaces are evolving into Sensor Analytics Ecosystems (SAE) that represent significant new opportunities for organizations of all types. Public Utilities throughout the world, providing electricity, natural gas and water,...
DevOps is all about agility. However, you don't want to be on a high-speed bus to nowhere. The right DevOps approach controls velocity with a tight feedback loop that not only consists of operational data but also incorporates business context. With a business context in the decision making, the right business priorities are incorporated, which results in a higher value creation. In his session at DevOps Summit, Todd Rader, Solutions Architect at AppDynamics, discussed key monitoring techniques...
Want to enable self-service provisioning of application environments in minutes that mirror production? Can you automatically provide rich data with code-level detail back to the developers when issues occur in production? In his session at DevOps Summit, David Tesar, Microsoft Technical Evangelist on Microsoft Azure and DevOps, will discuss how to accomplish this and more utilizing technologies such as Microsoft Azure, Visual Studio online, and Application Insights in this demo-heavy session.
When an enterprise builds a hybrid IaaS cloud connecting its data center to one or more public clouds, security is often a major topic along with the other challenges involved. Security is closely intertwined with the networking choices made for the hybrid cloud. Traditional networking approaches for building a hybrid cloud try to kludge together the enterprise infrastructure with the public cloud. Consequently this approach requires risky, deep "surgery" including changes to firewalls, subnets...
The Internet of Things will greatly expand the opportunities for data collection and new business models driven off of that data. In her session at @ThingsExpo, Esmeralda Swartz, CMO of MetraTech, discussed how for this to be effective you not only need to have infrastructure and operational models capable of utilizing this new phenomenon, but increasingly service providers will need to convince a skeptical public to participate. Get ready to show them the money!
One of the biggest challenges when developing connected devices is identifying user value and delivering it through successful user experiences. In his session at Internet of @ThingsExpo, Mike Kuniavsky, Principal Scientist, Innovation Services at PARC, described an IoT-specific approach to user experience design that combines approaches from interaction design, industrial design and service design to create experiences that go beyond simple connected gadgets to create lasting, multi-device exp...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...