Rohati Systems is stepping out of stealth mode with a network access control appliance.
In 2006, five security, systems and networking experts with a combined
40-plus years of experience at Cisco Systems formed a network security startup
and took aim at the access management market.
Now, two years later, that startup—Rohati Systems—has stepped out of the
shadows with a high-speed appliance that relies on user entitlements to control
access to applications. The Rohati TNS
(Transaction Networking System) platform functions at Layer 7, providing
transaction-level enforcement and allowing users to create granular entitlement
policies and controls. It uses XACML (Extensible Access Control Markup
Language) in a bid to eliminate the need for client or server agents or any
changes to applications.
Today, entitlement control is typically coded into applications, said Rohati
CEO Shane Buckley. The challenge for
enterprises is that addressing this across the applications they use can be a
multiyear, multimillion-dollar task, he said.
Combining the granularity of software-based entitlement management solutions
with a high-performance networking platform, Rohati seeks to close the gaps
created by firewalls that are unable to provide the granularity TNS
offers. Traditional firewalls see IP addresses, but cannot offer the type of
context TNS does at Layer 7, Buckley said.
Customers can put the product in the data center in discovery mode to learn
about users and their attributes. The product then stores information on
transactions to help administrators set policies. Administrators can also use a
simulation mode to extrapolate how policies will affect users once the policy
is officially deployed, Rohati officials said.
The technology goes a step further than role-based rules, Buckley said,
explaining that a user's role in an organization can be nebulous.
"Role is not specific enough; role is one attribute in Active
Directory," he said.
Burton Group analyst Gerry Gebel said the popularity of Microsoft SharePoint
has presented the challenge to IT departments of applying regulatory controls
to unstructured data in a collaborative environment.
"Entitlement control solutions offer an alternative approach by
overlaying an access control layer over SharePoint, which can contain sensitive
or regulated data," Gebel said in a statement.
There are two versions of the appliance: the TNS 100,
priced at $20,000, and the TNS 500, priced at $85,000. The appliances are
slated to ship in July.