November 11, 2020
We are excited to share the news that Barracuda has acquired Fyde, a Zero Trust Network Access (ZTNA) innovator, to expand the Barracuda CloudGen SASE platform with ZTNA capabilities. Fyde’s innovative Zero Trust solution enables secure, reliable, and fast access to cloud or on-premises applications and workloads from any device and location.
To give you a closer look at the technology and how it aligns with Barracuda’s network security solutions, we sat down to talk with Sinan Eren, one of the founders of Fyde who is now VP, Zero Trust Access at Barracuda.
Q&A with Sinan Eren, VP, Zero Trust Access
How did Fyde get started?
Two distinct stories came together and gave us the idea to launch Fyde. One of them was the first big uptick in ransomware because it gave cybercriminals a way to monetize malware, and it evolved quite fast. We talked to a company in Japan that was going through a massive ransomware incident, and we quickly found out that they were compromised through site-to-site VPN with a contractor. The issue is that once the VPN is set, it's persistent. Credentials are checked once, and anybody that is on the other end of the VPN basically teleports into the network. If you're teleporting unmanaged devices into the network, you have no visibility into the endpoints. If they’re already infected or compromised, they can infect your entire organization with ransomware or lead to data breaches. That didn’t make sense to us. Persistent access to your internal network by unmanaged devices or managed yet contextually ever-changing devices is just not going to play well in the long run. At the same time, we were also pretty concerned about the role phishing and data breaches played in the 2016 election. That gave us another boost to try to go out and do something that could help improve the way secure access is handled.
How has the technology evolved since Fyde first launched?
When it comes to how network security is done through product design, we did not want to go out and launch yet another product that was very similar to what was already in the market. You had bunch of larger vendors that were creating these persistent tunnels to their cloud to give you security. We knew that if we were going to be competitive, we would have to push a lot more of this compute directly to the mobile devices, laptops, and desktops. The idea was instead of routing traffic and doing the heavy lifting on the cloud, you could do a lot more of the processing directly on the endpoint. We had a lot of endpoint security background, and we wanted to put that together with our network security knowledge, but do it closer to the real edge, which we consider to be the endpoint itself, not the edge of the network, but the real edge: your laptop or mobile device.
From your point of view, what is Zero Trust, and why is it so important, especially now?
The world is a lot more decentralized. We're on our home networks. You’re probably using a Wi-Fi router that you might not even know what the brand is that was given away by your service provider. You might be running your own up-to-date firmware on that Wi-Fi, but more likely that you are not. You might be up to date on your end points, or you might not. As a company, you don't know who is coming into your network because you don't know the environment that they're coming from. You don't know the state of their device or if there's been a phishing attack or account takeover attack. You don't even know if it's the right user hitting the right apps and data.
So, with Zero Trust Network Access, the assumption is that you do not trust any access request or connection before verifying it. The old adage is trust but verify, but it should be the other way around. You need to verify before you trust. Many of us are working from home, and that might end up being the new normal. So, we need to verify the user, the security posture of their devices, and their network all the time.
What sets Barracuda CloudGen Access apart? How does it keep organization secure?
It's very seamless from an end-user perspective. That really sets Barracuda CloudGen Access apart. It sits in the background and only communicates to the user when there's a policy violation. For example, if there's a corporate security policy that defines a certain thing needs to be up to date or needs to conform on the end point, then it will only communicate to the user when that needs to happen. Once that violation happens, it is communicated to users in a way that they can take action and self-correct. We call it the remediation engine.
The other thing is that we do a lot more on the endpoint rather then routing all the traffic to be inspected in a cloud environment, which slows things down. We only connect you to the internal applications on an as-needed basis. If you try to access something internal, we’ll create a micro-tunnel and connect you to that application. But if you're going to an internet resource, you will be released directly to the internet resource. You don't have to go through these cloud hops and suffer additional latency.
Also, we support mobile devices and various other modern computing gadgets. We support all forms of cloud deployments. From the beginning, we wanted to build a future-proof solution, a forward-looking cloud-native solution.
What makes Barracuda and Fyde a good fit?
First of all, we're both focused on mid-market customers but also quickly gaining adoption with enterprise customers, so that aligns well. But what was most appealing to us is that the technology stack is a perfect fit, from CloudGen WAN to Content Shield and the CloudGen Firewall. Bringing all of those things together with a Zero Trust Network Access component tells a complete story. It's a complete network security stack and creates this grander secure access service edge (SASE) narrative.
What are you looking forward to about being part of the Barracuda team? Are there integrations or projects that you're excited to get started on?
The integration with Barracuda Content Shield web security is going to generate a lot of value for customers, so we’re excited to get started on that. We're going to be bundling with Barracuda CloudGen Firewall, which will streamline deployment and quickly enable existing customers, so that's also tremendously exciting. In the long run, we're going to be able to tell this full security stack story. Now we have all the foundational blocks to build a platform that gives you the entirety of network security all under the Barracuda umbrella, which is brilliant. None of our competitors can say that.