FortyCloud Expands Cloud Security in the Enterprise

The security startup is now partnering with McAfee to extend its overlay approach to cloud security.

cloud security

One of the best ways for any company to expand its reach is by partnering with a bigger company that already has broad reach. That's exactly what cloud security startup FortyCloud is now doing by becoming part of the McAfee Security Innovation Alliance partner program.

FortyCloud, co-founder and CEO Amit Cohen told eWEEK, offers a security technology platform for cloud infrastructure. The company provides security as a service for the cloud and can tie into an organization's existing identity systems, including Microsoft's Active Directory.

"The partnership with McAfee is a great opportunity to be exposed to McAfee's enterprise customers," Cohen said.

A McAfee customer can now leverage FortyCloud to extend its operations to any cloud, protecting cloud assets as well as securely connecting cloud data centers to remote enterprise sites, he added.

"For us the opportunity is clear, since it's harder for us to chase one enterprise after another," Cohen said.

The partnership with McAfee will initially see the FortyCloud platform integrated with McAfee's Next Generation Firewall technology, with future support for McAfee's ePolicy Orchestrator (ePO) and Security Information and Event Management (SIEM) products.


The FortyCloud platform uses an overlay technology approach to enable cloud security and policy enforcement. Cohen explained that FortyCloud leverages IPsec tunnels to enable the overlay and provide security. IPsec is a technology that is widely used in the enterprise networking space for virtual private networks (VPNs).

"For a given organization, we are interconnecting all of their cloud resources using an overlay network of IPsec tunnels," Cohen said. "The benefit is that you have an encrypted virtual private network and you can use any kind of application over the network."

The FortyCloud platform includes several components, including a gateway that is installed on a cloud to provide security services. There is also a technology that FortyCloud calls the "Thin Agent," which provides additional security for virtual server instances running on a cloud.

Cohen noted that on a public cloud like Amazon or Rackspace, the network itself is typically shared. On some cloud vendor implementations, there is also a lack of cloud virtualization hypervisor firewalls, which can potentially leave virtual servers exposed, he added.

"The Thin Agent sits on the virtual servers and isolates them from the shared cloud network," Cohen said.

Public cloud providers such as Amazon typically have some form of security policy capability, though Cohen stressed that security is still really the responsibility of the user.

"What we do is we let the administrators configure security policies that are identity-aware," he said. "So you are able to define access control policies for different groups of employees."

Access control policies can be automatically configured by FortyCloud on a public cloud provider, according to Cohen. For example, an Amazon security group policy can be automatically configured by FortyCloud by understanding an enterprise's existing Microsoft Active Directory deployment.

From a corporate perspective, it's still early days for FortyCloud. The company has raised a seed round of funding from Magma Venture Partners, though Cohen noted the actual amount has not yet been publicly disclosed. Cohen also revealed that FortyCloud is now working on Series A funding round with a number of venture capital firms.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.

Sean Michael Kerner

Sean Michael Kerner

Sean Michael Kerner is an Internet consultant, strategist, and contributor to several leading IT business web sites.