iboss – A Single Secure Web Gateway Platform in the Cloud

In my discussion with Peter Martini, the President of iboss, he outlines the current trends driving the secure web gateway market, and security software in general. He also outlines several approaches taken by traditional secure web gateway providers and explains why they fall short and cannot scale to meet the increasing demands of today’s corporate computing environments.

Peter goes on to outline how his company’s product is a single, distributed gateway platform that focuses not just on security functionality and features, but also on the key issue of how to deliver those features and functionality to corporate users.

Please tell me a little bit about yourself and your background.

I am the current president of iboss and lead the go to market strategy. A lot of what I do is analyze the markets speaking to customers to identify trends and ensure we are developing for tomorrow.

Your product is a distributed gateway platform. What exactly is that? When would I want/need one?

Our platform is a gateway to the Internet. Similar to the TSA (Transportation Security Administration) checkpoints at the airport, we make sure it is OK to proceed in and out, while scrubbing for malware. With the rise of IoT (Internet of Things), this is more critical than ever.  We need to secure devices as varied as laptop computers, televisions, and hospital devices, to name just a few.

In the past, you could just ship a hardware gateway appliance to a company’s main office. Now, however, not only do companies have multiple offices all around the world, but employees are also very mobile and need to access the company network from anywhere and everywhere.

Instead of employees having to follow security, i.e. find a secure access point, it should be the other way around – security should follow employees wherever they might be located.

We pioneered cloud security before cloud computing became popular. We have one single platform/engine that is all software – there are no hardware appliances. The iboss platform can also be deployed on-premises if required, such as when dictated by compliance and regulations.

Whom do you see as your main competitors?

There are about 14 players in this space, including Blue Coat, WebSense / Forcepoint, Cisco, Trend Micro, and McAfee.

How do you see your platform as different from that of your competitors?

There are certain trends that are creating more and more stress on existing corporate computing and network environments, including:

• Rising Bandwidth costs
• Bandwidth demands increasing
• Number of devices increasing
• Number of network connections per device increasing.

Traditional security vendors cannot scale up to meet the increased demand created by these trends.

The reason that we can scale and meet these demands is because we are the only truly distributed gateway platform and not a collection of multiple platforms. We decided early on to focus on how to deliver our services and not just simply add more features and functionality. That means focus on the architecture for a single platform that could scale and support the increasing number of devices and other requirements.

On your website, you talk about the problems with the two common alternatives to legacy gateway architectures – the hybrid approach and the all-cloud approach. What are those issues and how is your platform different?

In response to the trends I just outlined, traditional secure web gateway vendors offer two alternative approaches: (1) hybrid and (2) all-cloud.

Unfortunately, both of these approaches are flawed. Either they attempt to preserve dying appliance business models by bolting on cloud capabilities, or they force a move entirely into the cloud. Neither approach truly meets the broader requirements of distributed enterprises.

With hybrid solutions, two different systems are combined and operate in tandem. The familiar, legacy appliances sit in the main data center and process traffic at headquarters, while a separate, cloud-based system manages remote and mobile traffic.

The two main problems with the hybrid approach are that:

• Administrators have to log in to two separate systems and then manually import, export, and normalize logs between the two systems.
• Policies, functions, usability, and performance are different on the cloud software and on the data center appliances. This leads to numerous operational issues, weakened security, and an inconsistent and frustrating experience for users.

The second, all-cloud alternative, delivers a solution that is architected and built only “in the cloud.” This is an extreme approach, where physical on-premises security appliances are completely eliminated and are replaced with a cloud-only gateway. As a result, all of an organization’s data is routed directly to the cloud for scanning and security processing.

Here too there are two major drawbacks:

• In order to move all security functionality to the cloud, the IT department must overhaul the network architecture. Computers, routers and firewalls must be reconfigured to redirect all traffic to the cloud-based secure web gateway. This is both time-consuming and costly.
• Cloud-only secure web gateways cause compliance issues. Many enterprises, especially those in regulated industries, are required to secure their data inside the corporate network perimeter. Enterprises may also be subject to country-specific data privacy and security laws that require data be kept within a specific physical geography or country.

Your architecture is based on a few types of nodes – correct?

Yes. It is the concept of functional nodes that make the architecture elastic and highly scalable. Nodes can replicate automatically and very quickly in order to increase capacity and meet the current load and demands. Nodes can be located at any location, but the administration and central database is always in the cloud.

Can you give me some information about pricing?

Our pricing model is purely SaaS (Software as a Service). This is true, even if you decide to install the software on-premises. To give you some idea of actual numbers, we charge by the device and the average cost is $12/year for the core functionality.

How do you define your market? Who is your specific target audience within that market?

Our target audience is mainly companies that are compliance-driven. Specifically, that includes the following industries:

• Public Sector
• Financial Services
• Retail (PCI)
• Manufacturing

How many active customers do you have today? Where are they mainly located?

We now have almost 4,000 customers, primarily in North America and Western Europe. In order to support our global customers, we have data centers all around the world, including Asia Pacific and South America.

Who are some of your biggest customers?

Here is a small sampling of our current customers:

What are your top three tips for distributed organizations?

I think that the following three items are the most important things to consider when looking for a distributed security solution:

1. Consistent features and capabilities whether operating on-site or off-site.
2. Elimination of the need to backhaul data to the main office for processing.
3. Ability to seamlessly scale as needed to meet increased demands.

How do you see the security market evolving in the coming years?

I expect the following changes to occur in the security space:

• Many legacy security appliances will go away.
• The way security services are offered will change.
• Increased focus on platforms, rather than feature lists.
• Companies will be more proactive, rather than reactive.

What are your future plans for iboss?

At iboss, our focus remains on the continuous development of our platform, incorporating new features and enhancements. Simultaneously, we are committed to expanding our support for Managed Service Providers (MSPs) who utilize our platform. As part of this commitment, we are making substantial investments in augmenting our workforce at our primary office located in Boston.

How many employees do you have today? Where are they located?

We now have almost 350 employees. Our headquarters is in Boston and we have another large office in San Diego, California. Our research and development is based at those two facilities. We also have offices in Florida and other several locations around the world.

How many hours a day do you normally work?  What do you like to do when you are not working?

I probably average working 12-16 hours a day. I have not taken a vacation in many years…

I spend most of my free time restoring pre-1967 European cars.