An Interview with Ritesh Agrawal, CEO of Airgap Networks

Interview with Airgap CEO Ritesh Agrawal

How Does Airgap prevent propagation?

Despite our customer's best efforts, even when armed with multiple cybersecurity vendor tools, it is next to impossible to stop ransomware from breaching the perimeter of an organization. Once inside the network, ransomware exploits the legacy flaws of shared VLAN network designs. It is able to scan all devices and business applications on the shared network and then propagate the ransomware.

Network Security Solutions for the Enterprise Campus and Data Center

Airgap takes a comprehensive view of enterprise networks and infrastructure. We want to be able to provide lateral communication protection, meaning if you have an Enterprise that is managing 10,000 appliances or devices inside the organization, one infected device has the potential to infect all 10,000 devices. Airgap ensures that this does not happen, ransomware stays confined to that one device.

Savings: Reducing CAPEX and OPEX

When you have many, many applications inside the organization protecting you (and endpoints). It creates a lot of operational complexity for the IT team. Using Airgap can eliminate the need for some of those applications, not only saving CAPEX money but saving operational headaches by streamlining and improving the security posture of your business.

Shared VLANs: A closer look

Let’s look at what is happening in the enterprise, where they are using VLAN deployments. What I mean by shared VLAN is that there is a separate VLAN for say, all engineering or HR departments, within that shared VLAN, everybody can talk to everybody. That’s just the nature of shared VLANs. This is a 30-year-old blueprint that was good at the time when it was proposed in 90s. But it’s definitely not ideal today. What has happened since then? we’ve observed that there is very little lateral communication required for your business to be operational, with some exceptions. Printing or Google Chromecast, or Apple TV or video sharing. But other than that, you don’t have much going on. Yet, you have that shared VLAN “highway” available. Unfortunately, that “highway” is precisely what the hackers are using, not your employees or your IT teams. We essentially shut down that highway making exceptions for your printing and videoconferencing and a couple of other identified applications that you may have. This way you can continue to go about your business, but not give hackers access to the “highway” that they can use and exploit.

Proactive versus Reactive

Any good security solution should address both sides of this equation. As in, it should be proactive, to begin with. But, bad things can happen. Configuration errors, for example, somebody could drop in an unintended policy. This results in a network vulnerability, I call it human error. And that’s always possible, no matter how good a tool you have, there is a human error possibility. For this, you need to have reactive solutions as well. Airgap eliminates/stops all unauthorized communication inside your organization. There is so much unnecessary traffic, you realize this as soon as you deploy the Airgap Visibility Engine. The engine displays all the unnecessary and unauthorized applications that should be stopped immediately. Airgap takes care of that for you.

Airgap Ransomware Kill Switch

Now let’s say a device ends up getting infected with ransomware, today you won’t be able to instantly shut down the propagation of ransomware, and you may have 10,000 devices on the same VLAN, depending on the size of your organization. Now they are, one at a time, getting infected, it is a race against time. Airgap delivers you the industry-first Ransomware Kill Switch. Airgap is the only one that is able to do that for you.

Secure Attack Surfaces

The fundamental belief at Airgap is that there is so much-unauthorized access available inside the organization. We eliminate that unauthorized access, and now the attack surface becomes dramatically smaller. The second step is to start observing the traffic that you have authorized. If we notice an anomaly there, we obviously shut down and isolate those devices.

Agentless. Beyond Micro-Segmentation.

Our solution is actually a lot more than micro-segmentation, but they’re definitely components of micro-segmentation.

Security Intelligence

Security, intelligence is very important. The unique way of deploying Airgap allows us to detect, without any false positives, infected devices inside the organization. We provide this intelligence to the IT administrator or security operations team who can immediately take an action. In our early days, when we talked to our customers and explained how we do zero false positives, which is much coveted by SecOps teams. They were like “ …there is no solution available. And you couldn’t have a solution” because it’s just a very hard problem to solve.

A Unique Approach

Airgap Zero Trust Isolation is very unique, new, and complementary to what customers have invested in already. I always tell customers that you have to start investing in four areas: #1 Device to internet protection. In fact, I would say 80 to 90% of security companies are focused on device to internet protection. #2 Private application to private application protection, knowing that there are lots of servers inside the data center, and I want to be able to protect them. There are dozens, if not hundreds of companies in that space. Now moving to two areas that have not been addressed to date 3#device to device protection. I have 10,000 devices inside my organization and they are trying to infect each other…what do I do? Furthermore, there is another one that counts as #4 Device to private application protection.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Airgap Networks

Airgap Networks

Zero Trust Isolation — The Best Defense Against Ransomware Propagation. https://airgap.io