Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/19/2008
09:30 AM
50%
50%

Neocleus Nabs $11M for Virtual Security

Startup takes aim at virtual desktops with Xen-based software

By James Rogers, June 19, 2008, 5:30 PM

Israeli startup Neocleus has clinched $11.4 million in Series B funding, bolstering its efforts to tighten virtual desktop security.

The round, which was led by Battery Ventures and Gemini Israel Funds, brings Neocleus’s total funding to $16.4 million, and the vendor is now looking to flesh out its U.S. business.

“Today, we’re mostly R&D [so] it’s for expansion of sales and marketing,” says Etay Bogner, Neocleus CTO, explaining that the vendor is looking to expand its 35-strong workforce to 50 during the next 12 months.

Neocleus, which only launched its first products last month, is promoting its Trusted Edge virtual appliance as a way for users to lock down "endpoint" devices like desktops and laptops. This solves many of the security problems associated with virtualization, according to Bogner.

A virus in one VM (virtual machine) could easily infect another VM, particularly in the Windows environment, he says, explaining that Neocleus uses a Xen-based hypervisor to isolate specific VMs.

“We have taken the Xen hypervisor and turned it into a client hypervisor,” he says, adding that this can be used to isolate vulnerable applications such as email and IM. “What we’re doing is running VMs side by side, independent of each other.”

Neocleus is not the first vendor to focus its attention on virtual desktop security. VMware’s ACE, for example, also isolates VMs, although Tel Aviv-based Neocleus is now offering an open-source, Xen-based alternative.

Other firms playing in this space include Sentillion, which is focused mainly on the healthcare sector, and Secure Command, which is currently beta testing its Internet Cleanroom offerings.

“This is the way that desktop virtualization is going,” says Rachel Chalmers, a senior analyst at the 451 Group, explaining that users are looking for ways to lock down VMs. “What Nucleus can give the hypervisor vendors is a way to do the endpoint security.”

Neocleus’s Bogner would not reveal whether deals with other virtualization specialists are imminent, although he did not rule this out. “We’re talking with everyone,” he says, hinting that VMware could even be a future partner.

This could be a shrewd move, particularly given that VMware remains synonymous with virtualization, despite a recent spate of desktop announcements from Citrix, which bought XenSource for $500 million last year.

Neocleus has revealed the identity of one of its partners, the consulting wing of Fujitsu, but scant details of the deal are available. “They are a big systems integrator, and there’s a lot of projects that we’re investigating,” says Bogner, adding that it is “too early” to discuss specifics of the relationship.

The exec nonetheless confirmed that Trusted Edge will be sold both as a standalone product and a managed service, explaining that some end-users are already testing the virtual appliance. “We’re working with a couple of customers in the financial area in the States, Europe, and the Far East,” he says.

Neocleus, which has its U.S. base in Jersey City, N.J., has released the identity of one of these firms: Paris-based Standard Chartered Bank is currently evaluating Trusted Edge.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Byte and Switch's editors directly, send us a message.

  • Battery Ventures
  • Citrix Systems Inc. (Nasdaq: CTXS)
  • Gemini Israel Fund
  • Neocleus Inc.
  • Sentillion Inc.
  • The 451 Group
  • VMware Inc. (NYSE: VMW)
  • XenSource Inc.

     

    Recommended Reading:

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    COVID-19: Latest Security News & Commentary
    Dark Reading Staff 7/6/2020
    Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
    Stephen Ward, VP, ThreatConnect,  7/1/2020
    Lessons from COVID-19 Cyberattacks: Where Do We Go Next?
    Derek Manky, Chief of Security Insights and Global Threat Alliances, FortiGuard Labs,  7/2/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    Special Report: Computing's New Normal, a Dark Reading Perspective
    This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
    Flash Poll
    The Threat from the Internetand What Your Organization Can Do About It
    The Threat from the Internetand What Your Organization Can Do About It
    This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-15600
    PUBLISHED: 2020-07-07
    An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
    CVE-2020-15599
    PUBLISHED: 2020-07-07
    Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
    CVE-2020-8916
    PUBLISHED: 2020-07-07
    A memory leak in Openthread's wpantund versions up to commit 0e5d1601febb869f583e944785e5685c6c747be7, when used in an environment where wpanctl is directly interfacing with the control driver (eg: debug environments) can allow an attacker to crash the service (DoS). We recommend updating, or to res...
    CVE-2020-12821
    PUBLISHED: 2020-07-07
    Gossipsub 1.0 does not properly resist invalid message spam, such as an eclipse attack or a sybil attack.
    CVE-2020-15008
    PUBLISHED: 2020-07-07
    A SQLi exists in the probe code of all Connectwise Automate versions before 2020.7 or 2019.12. A SQL Injection in the probe implementation to save data to a custom table exists due to inadequate server side validation. As the code creates dynamic SQL for the insert statement and utilizes the user su...