Menu
Firewall start-up Aorato sniffs out Active Directory anomalies

Firewall start-up Aorato sniffs out Active Directory anomalies

Start-up Aorato has come out of stealth mode with what it calls a firewall designed to protect Microsoft Active Directory shops.

The vast majority of enterprises using Active Directory do so for authentication and authorization in a Windows-based network, plus also to handle requests associated with cloud services and mobile, points out CEO and co-founder Idan Plotnik, whose resume includes positions at a handful of security organizations. The Directory Services Application Firewall the start-up has developed is intended to stop attacks directly on Active Directory as well as monitor network traffic between Active Directory servers and the users.

+ More on NetworkWorld: Massive denial-of-service attacks pick up steam, new nefarious techniques | Start-up Adallom takes on SaaS security auditing, monitoring +

Aorato's firewall, expected to ship next month in either an appliance or virtual-machine form factor for VMware or Hyper-V, can learn to detect anomalous behaviors that fall outside normal patterns that often indicate an attack, says Plotnik."If malware steals your identity inside the network, we will find that abnormal activity," he says. It will monitor passwords or use of Kerberos to identify possible attacks and aggregate it into an attack timeline in order to alert the organization's security team. Aorato says it has well over a dozen customers in private beta.

While there are many anomaly-detection products on the market, Plotnik says he believes this is the first strictly oriented toward Active Directory. Today, the Aorato firewall is oriented toward detecting suspicious events based on behavior but further development to add blocking capabilities is anticipated.

Aorato, based in Israel, is establishing U.S. headquarters in New York City. The start-up has received $10 million in funding from investment firms that include ACCEL Partners, as well as individual investors Rakeesh Loonkar (co-founder of Trusteer), Mickey Boodaei (co-founder of Imperva and Trusteer), Innovation Endeavors and Glilot Capital Partners. CEO Plotnick started the firm with his brother Ohad Plotnik, vice president of professional services, and Michael Dolinsky, vice president of research and development.

Ellen Messmer is senior editor at Network World, an IDG website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail: emessmer@nww.com

Read more about wide area network in Network World's Wide Area Network section.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags MicrosoftVMwareWide Area NetworkFirewall & UTM

More about IDGImpervaMicrosoftTrusteerTrusteerTrusteerVMware Australia

Show Comments
[]