Cradlepoint Raises $89M to Advance Overlay Network Security

As the move toward 5G wireless nears, Cradlepoint is aiming to grow its cloud managed network overlay service to help manage and protect devices and organizations.

cradlepoint net cloud

Cloud-based networking services vendor Cradlepoint announced today that it has raised a new $89 million Series C round of funding, to help grow it efforts to secure organizations and enable managed wireless access.

The new round of funding was led by TCV, and brings total funding to date for the company up to $142 million. The basic premise behind Cradlepoint is that it uses its NetCloud cloud-managed network together with physical networking hardware, to help enable a secure networking overlay for organizations and their devices. A core element of Cradlepoint's approach is using wireless 4G/LTE technology.

"We make 4G LTE into an enterprise-grade WAN (Wide Area Network)," George Mulhern, CEO and Chairman of the Board at Cradlepoint, told eWEEK. "With this new investment, we want to stay ahead of the curve as the market moves to 5G and more software defined networking approaches."

The idea of using a cloud-managed network overlay approach to help secure connectivity isn't an idea that is unique to Cradlepoint. Multiple companies, including Cato Networks, which raised $30 million in a Series B funding in September 2016, are also chasing the market opportunity. Mulhern sees his company as being differentiated in the market with its existing 4G LTE wireless capabilities that can help to enable secure connectivity for people, places and things.

Mulhern explained that Cradlepoint has a cloud managed routing platform for branches, vehicles and other IoT applications, that has been tuned to help optimize 4G LTE use. Cradlepoint currently has a Software Defined WAN (SD-WAN) architecture for access and is also building a Software Defined Perimeter (SDP) approach to help secure people and things. SDP is a network security approach that is being defined by the Cloud Security Alliance (CSA).

Ryan Allphin CTO at Cradlepoint explained that his company is using a network overlay, that is a form of network encapsulation on top of an existing organization's networking structure, to enable a broader WAN, with improved security characteristics. Allphin explained that Cradlepoint's router gateways can be used to help create overlay networks across different devices and Local Area Networks (LANs). The Cradlepoint system can also perform what is known as service injection into the overlay network, enabling organizations to do additional analysis or to perform various security functions.

From a security perspective, Allphin said that Cradlepoint has firewall and Intrusion Prevention System (IPS) capabilities on the physical network hardware. On the overlay network, Cradlepoint provides an extensible platform where third party security vendors can plug in, to provide additional capabilities.

"We're not a pure play security vendor, we're more of a network orchestrator," Allphin told eWEEK. "We provide an extensible overlay platform that security vendors can talk to, based on the need."

While Cradlepoint doesn't bill itself as a pure play security vendor, there is a strong access control element in the platform today, with more to come in the future. Allphin explained that Cradlepoint has Public Key Infrastructure (PKI), for access onto the network. As part of the network admission process, Cradlepoint will identify a given device, as well as the capabilities of the device.

The idea of a pre-admission control is often part of what is known in the industry as Network Access Control (NAC). Allphin noted that Cradlepoint's NAC capabilities are currently rudimentary, but the new funding will be used to help expand the feature set.

"We give organizations visibility into what types of devices are connecting to a network and what applications are being used," Allphin said. "Visibility is the first step in security."

Allphin added that as IoT grows and more things are getting connected Cradlepoint can also help organizations to identify whether device behavior is normal, or if it is potentially malicious.

"We can show enterprises at a branch level if something odd is going on that they need to pay attention to," Allphin said.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.