Skip to main content

Reflex Security CTO interviewed; Security discussed!

A little about Hezi Moore

Hezi is the founder of Reflex Security and pioneer of the automated network intrusion response system. He brings more than 15 years experience in security, networking and entrepreneurial experience. Prior to founding Reflex Security, Hezi was president and co-founder of MicroTech Systems - a firm specializing in network design and configuration of point-of-sale systems - which was subsequently acquired by Retail Technologies International of Sacramento, California. He has also held such diverse occupations as a technical support and research analyst for GE Technology.

And what I thought about Hezi?

I think Hezi came upfront and was very open about their strategy. Hezi fits in many ways rather snugly in the world of "Connect and Collaborate", the new world, the one ridden with the Cynefin puzzles.

We discussed some real issues that we are facing in the industry, which is at the cusp of a total data center overhaul, if you will. I think a lot of firms, whether in stealth or in business, are still hiding away from the "real facts", Hezi and I spoke about some real facts, and that is where a firm, led by such leaders, can really strike a chord with its customer base.

Here are the Q&As:

Tarry Singh: Tell us something about Reflex Security and its product line?

Hezi Moore: Today Reflex Security provides security for core networks, datacenters and virtualized environments. The company was founded in 2000 as an IPS company. At that time, Reflex provided security for perimeter and gateway for mostly SMB market through our appliance-based Interceptor IPS solutions. In 2003 the attack landscape changed, and Reflex solutions evolved and we began developing products to protect the core and datacenter providing security in the LAN. Requirements are different in the core than the typical gateway security requirements. There is a need for network visibility, high-speed, high-availability, switching capabilities and integration into current infrastructure. Our Multi-gigabit products, the MG5 and MG10, are network security switches deliver up to 10Gbps of secure throughput with the reliability, density and manageability needed for mission-critical networks and applications running in the core network. In 2005 many companies started deploying virtualized solutions and Reflex developed the first Virtual Security Appliance (VSA) that sits inside virtual environment and provides visibility
and security for the virtual network.

Tarry Singh: What is your differentiated strategy? What makes you different than other vendors such as Bluelane, Catbird etc?

Hezi Moore: What differentiates Reflex is our history, our customers and our focus on core network, datacenter and virtual security solutions. Reflex Security has been in the security business for more than 7 years providing solid security solutions to our customers. We have taken this knowledge and leveraged our security expertise to be the first to market with a Virtual Security Appliance in early 2006 and a high-performance, scalable, multi-gigabit Network Security Switch solution in 2007.

Unlike some competitors, Reflex Security offers a multi-faceted solution that combines critical security features such as signature-based and anomaly-based analysis, Botnet, IDS/IPS, server-based NAC, LAN firewall, Anti-malware, policy enforcement, network visibility and patch shielding. We have the capability to provide these core advanced security features to the physical and virtual environment. We also provide a robust integrated security management console that allows enterprises to manage both physical and virtual security from a single interface.

We have not seen other competitors that can provide this level of security and combination of hardware and software in both the physical and virtual network.

Tarry Singh: Are you looking you expand within EMEA? What are you doing on the marketing front?

Hezi Moore: Reflex has had a presence in EMEA for several years now and we have a growing customer base worldwide. We are currently expanding our sales team throughout EMEA to answer market demand of the multi-gigabit network security switch solution and the Virtual Security Appliance. We have seen a good pace of adoption of virtualization in EMEA over the past few years and we have great traction with our VSA product. We are very successful in that region we will continue to expand our marketing efforts in 2008 to target enterprises looking for core network, datacenter and virtual network security solutions.

Tarry Singh: How is your relationship affected with VMware since its acquisition of Determina?

Hezi Moore: We were one of the first to approach VMWare about security solutions for the virtual network two years ago and we continue to have a very good working relationship with VMWare today. Reflex Security is a technology alliance partner, community source partner and we work very closely with the VMWare team regarding security solutions for VMs and virtual networks. The acquisition of Determina has not impacted our relationship or our work with VMWare. This acquisition is primarily to secure the Hypervisor and below. VMWare is continuing to expand its partner program, leaving the virtual machine security to the security partners like Reflex Security, so they can focus on the core competency of its business.

Tarry Singh: Why is the industry so sluggish when it comes to adopting Security and Backup?

Hezi Moore: IT operations are aggressively pursuing, and businesses are funding virtualization projects due to rapid ROI. However, as with any new technology, there exists a lack of best practices, experience and established collaboration framework for security. This combined with the desire to achieve rapid savings, leads to security often being an afterthought.

As a result many virtualization projects are at risk of being less secure than their physical counterparts. Emerging trends, such as virtual server sprawl and mobility, threaten to replace one problem with another, potentially more un-manageable. The lack of Best Practices and established frameworks often places IT Operations and Security Teams at opposing ends of the project thus slowing or stalling adoption.

In many respects virtual and physical infrastructure appear the same. However, numerous features and benefits of virtualization create unique security challenges. Virtualization technologies introduce new levels of administration that challenges, and in some cases, breaks traditional IT separation of duties.

Tarry Singh: What culture change do you expect to see in the coming future?

Hezi Moore: As we continue to see more and more enterprises implement virtualization on any scale, I believe we will see a convergence in management of the datacenter. We are already seeing this change starting to occur in the organizations that we are working with today regarding virtualization and security.

Historically there has been a divide between the System Administrators that own the network and servers and the security teams that manage the security policies. In the future, these teams will have to work together to implement these multi-functional technologies to address these cross-functional requirements. Currently there are not many resources with the breadth of capabilities that are needed for this type of management of the core network and/or datacenter. There is a need for a new multi-faceted skill set combining server knowledge, virtualization and security expertise to manage the datacenter of tomorrow.

Tarry Singh: What are your future plans? Can you tell us what are you planning for 2008, 2009, 2010? Is reflex working on the RTI (Real Time Infrastructure) readiness?

Hezi Moore: In the future, Reflex Security plans to continue to be the leader in integrated network security for core networks, datacenters and virtual networks by integrating security into the virtual switch to provide security per port. We are also working on additional features that will provide the administrator more visibility in the datacenter and inside the virtual network.

Regarding RTI our plan is to integrate with Vmotion to adapt our system to dynamic infrastructure changes. For example, as Vmotion moves a server from one environment to another environment the security policy that is associated with this server will follow the server to the new environment. The security system should dynamically change to adapt to the new change of the network infrastructure. By providing more visibility into the network infrastructure the security policy can easily adapt to changes that are driven by business events to optimize cost, reduce risk and enable growth.


  1. I am a customer of Reflex products and according to this post it says there is BOTNET detection in the product. Is this more marketing hype than reality or is there a new version of software that I should download?

    I personally hate reading marketing stories like this because it gets customers very confused on whats really out there in the market. If its available, then great! customers will see value and take advantage of it, but if its not available and coming out in the future, then just tell us! Don't mislead us.

    -Anonymou Reflex Customer


Post a Comment

Popular posts from this blog

Get Vyatta Virtual Appliance, now VMware certified!

We all know Vyatta, don't we?

Vyatta, the leader in Linux-based networking, today announced that its open-source networking software has received VMware Virtual Appliance Certification, thereby providing customers with a solution that has been optimized for a production-ready VMware environment. The company also announced it has joined the VMware Technology Alliance Partner (TAP) Program. As a member of TAP, Vyatta will offer its solutions via the TAP program website. With the Vyatta virtual appliance for VMware environments, organizations can now include Vyatta’s router, firewall and VPN functions as part of their virtualized infrastructure.

Vyatta combines enterprise-class routing and security capabilities into an integrated, reliable and commercially supported software solution, delivering twice the performance of proprietary network solutions at half the price. Running Vyatta software as virtual appliances gives customers many more options for scaling their data centers and cons…

3PAR adds native LDAP support to simplify administration

3PAR®, the leading global provider of utility storage, announced today native support for lightweight directory access protocol (LDAP). Support for LDAP enables centralized user authentication and authorization using a standard protocol for managing access to IT resources. With 3PAR’s support for LDAP, customers are able to now integrate 3PAR Utility Storage--a simple, cost-efficient, and massively scalable storage platform—with standard, open enterprise directory services. The result is simplified security administration with centralized access control and identity management.

“3PAR Utility Storage already provides us with a reliable, shared, and easy-to-use consolidated storage platform,” said Burzin Engineer, Vice President of Infrastructure Services at Shopzilla. "Now, with 3PAR support for LDAP, managing security commonly--across all our resources, including storage--is also simple and efficient.”

Press Release

DeepLearningTrucker Part 1