Upgrading our enterprise portfolio with SASE

We’re acquiring an SD-WAN provider to upgrade our enterprise portfolio with SASE and reinforce XDR.

Today I’m proud to announce that we have acquired a company called Brain4Net, an SD-WAN and NFV orchestration software developer. That means we’re going to significantly boost our cloud security capabilities and XDR offering. The acquisition enables us to develop reliable detection and response capabilities in the “cloud-first” paradigm by delivering our own solutions based on SD-WAN and NFV to the market.

To begin, let’s talk about strengthening our solution portfolio with Secure Access Service Edge capabilities.

On the market since 2015, Brain4Net spent six years developing solutions for IT automation and building software-defined networking. Now the team is joining us to build a compelling Secure Access Service Edge (SASE) solution, adding its experience and developments to help us create a unified platform by adding a network-security layer to our best-in-class security expertise. Using a single data lake and a single investigation tool across endpoint, cloud, and network data significantly accelerates security teams’ operations in threat detection and response.

Distributed IT architecture is the new normal

A typical enterprise IT infrastructure used to include headquarters with a central data center as well as branches that directed all of their traffic through HQ. In time, companies began migrating their infrastructure to the cloud. However, since the COVID-19 pandemic began, the speed of migration has skyrocketed, and the trend of working from anywhere is rendering traditional approaches to IT infrastructure virtually obsolete.

One way to reduce expenses and streamline distributed IT operations is to adopt software-defined wide-area network (SD-WAN) technologies. Using an SD-WAN enables the construction of wide-area networks (WANs) on the principles of software-defined networking (SDN). SD-WAN solutions enable the routing of traffic through various parts of corporate networks efficiently while providing a single point for management and monitoring. They create virtual overlays using all sorts of existing networks (based on MPLS, Internet broadband, LTE, 5G, or similar), and they are less expensive and easier to deploy and manage than traditional MPLS-based WANs are. On the IT side, SD-WAN brings high performance, visibility, and corporate network agility. It also reduces maintenance costs.

Our approach to distributed security

Protecting distributed infrastructure requires first delivering security as a cloud computing service to the source of connection, be it a remote office or an employee working from home, and second, ensuring complete visibility of network and endpoint events. You can achieve that by adopting a SASE principle reinforced with extended detection and response (XDR).

To meet market demands, network security companies are building endpoint capabilities and forging alliances with traditional security vendors. But existing security providers are unable to deliver holistic approaches to securing systems against advanced threats. Integrating external network controls into XDR developed by endpoint security vendors does not provide enough visibility into or investigation capabilities for incidents happening inside enterprise environments. That is why we chose another approach: Integrating the Brain4Net team will enable us to create a unified platform seamlessly integrating endpoint protection capabilities with network controls. Working together, the XDR platform with SASE will allow enterprises to implement a zero-trust strategy.

SD-WAN role in enterprise portfolio

Advantages of our own SD-WAN

The move brings us into new territory and sharpens our goal of becoming a single-point provider of enterprise security both for endpoints and for networks. Kaspersky’s SASE offering means not only securing our customers, but also becoming their connectivity service provider.

The step into network security enables us to upgrade our XDR proposition as well. We already provide our customers with best-in-class security software; adding a network security layer gives us an additional competitive edge. Covering all possible scenarios by filtering traffic and monitoring endpoint security incidents, and correlating network and node activity, further improves our abilities to detect and respond to complex threats.

We are moving our core enterprise security business in this important direction to provide our customers with stable and cost-efficient networking services while continuing to protect them from most advanced and stealthy threats.

Further plans

Kaspersky is becoming more active in mergers and acquisitions, with an eye toward acquiring strong teams that can bring synergies to our core business. As an example, Brain4Net is a successful company with technologies, solutions, and paying customers, with a team and products we are very optimistic about integrating. And this is far from the final stop in our M&A journey; other deals in the pipeline stand to improve our value proposition even more.