SYS-CON MEDIA Authors: Greg Ness, Sean Houghton, Glenn Rossman, Ignacio M. Llorente, Xenia von Wedel

Related Topics: Security, Java, SOA & WOA, Web 2.0

Security: Blog Post

Lancope’s StealthWatch Turns Enterprise Networks into Secure Sensor Grid

Interview with Mike Potts, CEO of Lancope

Thanks for taking the time to answer my questions. Please tell us, what is Lancope all about and what do you do?

Mike Potts, CEO of Lancope: Good to be with you today....

Lancope's mission is to constantly deliver to our customers an overwhelming advantage in cybersecurity defense. We do this by turning the network into an online sensor grid providing superior network visibility and security intelligence.

With the perimeter security model 1.0 having become very porous and unreliable for stopping new age attacks (attacks without signatures, advanced persistent threats, and the evolving insider threat), a new set of security 2.0 requirements has emerged.

Through our more than 200 security algorithms, we are able to digest metadata known as NetFlow coming off of switches, routers, and various perimeter security devices to present an actionable, continuous macro level view of what has seeped through the perimeter.  Using many of the same data sources, we are also able to get a complete view of intra-network activity to identify and shut down malicious actions long before a widespread security breach could occur.

What's new at Lancope? Pls be specific with model description etc.!)

Potts: We just released StealthWatch version 6.5 and our FlowSensor 4000.  This combined offering enables us to deliver massive scalability to the largest service providers and enterprise data centers while also offering a more intuitive interface to enable a broader group of users.

The StealthWatch FlowSensor 4000 is able to handle up to 20 gigabits of sustained bandwidth to ensure our customers are able to capture the metadata required to get a complete macro view of their environment.  This is nearly a 4x increase from our previous capability.

In StealthWatch 6.5, our product managers and engineers have delivered a much more intuitive product for ease of use, with improved dashboards and enhanced security intelligence capabilities to provide actionable information for faster detection and removal of threats.   Through our StealthWatch Labs security research team, we have also provided additional protection from major threats by delivering behavioral security algorithms to Lancope customers outside of their product update cycles, as well as  the ability to create their own custom security event alarms.

Who is your target audience and how do you intend to reach them? What is the biggest challenge you face right now in telling your story and winning over new clients?

Potts: We target chief information security officers and/or their security professionals throughout Enterprise 2000 corporations, governments, healthcare and higher education facilities worldwide.

With a lot of noise in the market and many companies claiming to do similar things, it remains an ongoing challenge for all of us in the security space to separate reality from fiction.  Fortunately for us this has become easier over the past couple of years with a rapidly expanding customer base, powerful use cases, and partnerships with respected companies like Cisco who is now reselling our product off of its global price list via its 7,000 account managers.

What is your distribution model? Where to buy your product?

Potts: Up until recently our model has primarily been direct with channel fulfillment.  In addition to our resell relationship with Cisco, we are moving toward a more comprehensive global, two-tier channel for pull through and fulfillment.

I'd be curious to hear any general thoughts you have on market trends in this field. E.g. how does BYOD influence the security landscape ...

Potts: BYOD has already had a significant impact on how corporations best allow the use of personal computing devices, control costs and enable security to protect corporate networks and the users attached to them.

Ever since Lancope's beginnings, we have been an early-to-market innovator (sometimes too early) with many first-mover advantages.  In the case of BYOD, we cut our teeth within this aspect of the market in higher education long before it became widely recognized at the enterprise level.  University security professionals were dealing with students bringing various devices onto university networks with limited capabilities to police the use of personal computers, smartphones, etc. until products such as StealthWatch were available.  We were able to provide university security operators with a unique capability to identify by IP address the who, what, when, where and how that they couldn't see before to ensure that students and faculty were using the network appropriately.  Commercializing this capability for the Enterprise 2000, we were able to offer an even more robust version through an integrated product offering with Cisco attached to the Cisco Identity Services Engine (ISE).

What's the business model?

Potts: Our license model is perpetually tied to an annual maintenance fee for upgrades and enhancements.  We also have a subscription component for our continuous threat feed for customers that opt in for this service.  Core to our license structure is a usage model tied to network traffic volume which enables us to grow as our customers grow.  A typical customer ends up expanding their usage of our product 4-5x as data volumes tend to double every 2-3 years due to the rapid proliferation of voice, video and data.

How do you differentiate from your competitors?

Potts: Providing complete macro level network visibility and security intelligence is our key differentiator, whichenables our customers to see and detect what others can't and maintain business continuity. Very few companies have the ability to provide this macro view and even fewer have the ability to provide the scale and actionable security intelligence to make it operational.

Who are your customers? Can you talk about some of your clients?

Potts: We have over 750 customers worldwide in virtually every industry sector ranging from financial services, retail, technology and higher education to various government entities. A few of the customers we can publicly acknowledge are Cisco, HP and the U.S. Department of Defense.  The common denominator in all use case scenarios comes down to the comprehensive macro visibility we've been discussing.  This capability enables these customers to detect a malicious event as quickly as possible, and shut it down before significant data theft occurs or they experience a network disruption such as what a DDoS attack could bring if not rerouted in time.

Is your Company disrupting the technology market?

Potts: We are a disruptive Security 2.0 company that is taking market share from conventional security vendors as perimeter security gives way.  We are growing faster at 60% than what IDC has tagged as the "Specialized Analysis Threat Detection" market, a 1.2B market growing at 42% annually.

Who founded the company, when? What can you tell me about the story of the company's founding?

Potts: We were founded out of Georgia Tech in 1999 on the premise that there would be a better way to defend networks against attacks without virus signatures.  Lancope was a very early mover and shaker with a concept that wasn't completely embraced until the market realized that the AV and perimeter defense model was breaking down.  Today our technology has been further enhanced and has become a staple for our 750 customers worldwide, also driving partnerships that help us further extend our global reach.

What's next on your product roadmap?

Potts: The IT industry is in the midst of a global hardware refresh that will total more than 180B over the next 4 - 5 years.  Customers will demand that security is further built into the network and/or the cloud that serves them.  Lancope is working on the most forward leaning ways to deliver this level of security in software-defined networks and in private or public clouds to enable our customers to derive the highest level of business value and maintain business continuity.

Are you targeting a first VC round? If yes when and what will you use the funds for? How much money is being sought?

Potts: We have been profitable and /or cash flow positive for the past 4+ years and do not anticipate going back to the venture or private equity markets to support our growth.

What is your exit strategy?

Potts: We are focusing on growing the company rapidly and expanding our global presence, and are within the reach of the public markets in the not-too-distant future.

What else would you like to add?

Potts: We are constantly in a cat-and-mouse security war with the adversaries advancing their tactics as quickly as they can. Right now the cat at the perimeter is getting his tail kicked by a much smarter, faster, more agile and bigger mouse than ever before.  The need to move to Security 2.0 at the core of the network is here, and is fueling companies like Lancope.  I don't believe there will ever be a silver bullet to stop cybersecurity threats dead in their tracks.  The ability to facilitate best-of-breed partnerships will help better equip all of us with a more holistic strategy for more successfully defending public and private enterprises worldwide.  As we continue our record growth, we are focusing on building these relationships for the benefit of our customers and partners to stay on the cutting edge.

About Lancope

Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today's top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope's StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope's security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visitwww.lancope.com.

 

 

More Stories By Xenia von Wedel

Xenia von Wedel, Tech blogger and SVP of Transform PR/San Francisco- Mountain View. She mainly writes about B2B solutions, social media and open source software. Transform Public Relations is a full-service PR agency, serving clients in a variety of industries worldwide. The agency is focused on thought leadership content creation and syndication, media outreach and strategy. Buy her a coffee if you like her article: http://xeniar.tip.me

Latest Stories
SYS-CON Events announced today that Cloudian, Inc., the leading provider of hybrid cloud storage solutions, will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Cloudian, Inc., is a Foster City, California - based software company specializing in cloud storage software. The main product is Cloudian, an Amazon S3-compliant cloud object storage platform, the bedrock of cloud computing systems, that enables c...
ScriptRock makes GuardRail, a DevOps-ready platform for configuration monitoring. Realizing we were spending way too much time digging up, cataloguing, and tracking machine configurations, we began writing our own scripts and tools to handle what is normally an enormous chore. Then we took the concept a step further, giving it a beautiful interface and making it simple enough for our bosses to understand. We named it GuardRail after its function - to allow businesses to move fast and stay sa...
SYS-CON Media announced today that Sematext launched a popular blog feed on DevOps Journal with over 6,000 story reads over the weekend. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Sematext is a globally distributed organization that builds innovative Cloud and On Premises solutions for performance monitoring, alerting an...
Leysin American School is an exclusive, private boarding school located in Leysin, Switzerland. Leysin selected an OpenStack-powered, private cloud as a service to manage multiple applications and provide development environments for students across the institution. Seeking to meet rigid data sovereignty and data integrity requirements while offering flexible, on-demand cloud resources to users, Leysin identified OpenStack as the clear choice to round out the school's cloud strategy. Additional...
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, p...
The BPM world is going through some evolution or changes where traditional business process management solutions really have nowhere to go in terms of development of the road map. In this demo at 15th Cloud Expo, Kyle Hansen, Director of Professional Services at AgilePoint, shows AgilePoint’s unique approach to dealing with this market circumstance by developing a rapid application composition or development framework.
SYS-CON Events announced today Isomorphic Software, the global leader in high-end, web-based business applications, will exhibit at SYS-CON's DevOps Summit 2015 New York, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. Isomorphic Software is the global leader in high-end, web-based business applications. We develop, market, and support the SmartClient & Smart GWT HTML5/Ajax platform, combining the productivity and performance of traditional desktop software ...
In high-production environments where release cycles are measured in hours or minutes — not days or weeks — there's little room for mistakes and no room for confusion. Everyone has to understand what's happening, in real time, and have the means to do whatever is necessary to keep applications up and running optimally. DevOps is a high-stakes world, but done well, it delivers the agility and performance to significantly impact business competitiveness.
"Our premise is Docker is not enough. That's not a bad thing - we actually love Docker. At ActiveState all our products are based on open source technology and Docker is an up-and-coming piece of open source technology," explained Bart Copeland, President & CEO of ActiveState Software, in this SYS-CON.tv interview at DevOps Summit at Cloud Expo®, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover ...
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com...
Verizon Enterprise Solutions is simplifying the cloud-purchasing experience for its clients, with the launch of Verizon Cloud Marketplace, a key foundational component of the company's robust ecosystem of enterprise-class technologies. The online storefront will initially feature pre-built cloud-based services from AppDynamics, Hitachi Data Systems, Juniper Networks, PfSense and Tervela. Available globally to enterprises using Verizon Cloud, Verizon Cloud Marketplace provides a one-stop shop fo...
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada...
SYS-CON Media announced today that Aruna Ravichandran, VP of Marketing, Application Performance Management and DevOps at CA Technologies, has joined DevOps Journal’s authors. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. DevOps Journal brings valuable information to DevOps professionals who are transforming the way enterprise IT is done. Aruna's inaugural article "Four Essential Cultural Hacks for DevOps Newbies" discusses how to demonstrate the...