Endpoint Security, Governance & Risk Management, Internet of Things Security

Zscaler Buys Airgap Networks to Fuel Segmentation in IoT, OT

Deal Will Thwart Lateral Movement of Malicious Traffic Inside of Corporate Networks

Zscaler purchased an agentless segmentation startup founded by longtime Juniper Networks executives to dynamically control access to critical infrastructure based on identity and context.

The San Jose, California-based cloud security vendor said its acquisition of Silicon Valley-based Airgap Networks will prevent sophisticated threats from moving laterally within IoT or OT devices. The startup enforces zero trust principles across east-west device traffic, shrinking the internal attack surface to help eliminate lateral threat movement on campus and critical infrastructure networks, according to Zscaler.

"This is more targeted for security teams because they are the ones who are most concerned about segmentation projects taking off in the right way because of the challenges and complexity present," Vice President and General Manager of Product Management Naresh Kumar told Information Security Media Group. "This is going to alleviate that pain for them; no need to worry about agents."

Preventing Lateral Movement Inside Corporate Networks

Airgap addresses the significant gap in securing east-west traffic within local area networks, where Kumar said organizations have for too long equated being behind a perimeter with being secure. The firm's use of an agentless proxy architecture will enable Zscaler to simplify security without compromising on effectiveness, according to Kumar (see: Zscaler Expands AI Security Capabilities by Acquiring Avalor).

Zscaler and Airgap's products will work together in operational technology and similar settings within the next two quarters, with the former handling north-south traffic and the latter east-west traffic, Kumar said. In the third quarter following deal close, Zscaler will integrate Airgap into its single gateway platform, allowing everything to be managed from a single location, according to Kumar.

Kumar expects that roughly 40% of Zscaler's enterprise customers will begin using Airgap's technology within the next 12 months, which will at least triple - and possibly quadruple - Airgap's already sizable pipeline. Zscaler also will closely monitor the sentiment of existing Airgap customers to ensure they receive the same or enhanced level of service and support as the integration process plays out, he said.

"Most important is making sure their existing customer base is fully happy and completely on board with whatever we're doing," Kumar said.

Airgap Networks, founded in 2019, employs 42 people and in April 2022 completed a $13.4 million Series A funding round led by Storm Ventures. The company has been led by Ritesh Agrawal, who prior to starting Airgap spent eight-and-a-half years at Juniper Networks, where he primarily spearheaded product management for the company's security portfolio. Terms of the acquisition weren't disclosed.

What Sets Airgap Networks' Technology Apart

The company's technology delivers real-time device discovery and inline enforcement, neutralizing advanced threats like ransomware on IoT devices, OT systems and agent-incapable devices. Airgap also can disable non-essential device communications to halt lateral threat movement without interrupting business operations, according to Zscaler.

Airgap Networks can identify and control all traffic from managed and unmanaged devices on any branch, campus or factory network without requiring changes to the existing switching and routing infrastructure. This eliminates the need for east-west firewalls and network access control technologies, which Zscaler said contradict the "never trust, always verify" foundational principle of zero trust.

"Why is Airgap's technology so compelling?" Kumar wrote in a blog post. "Their agentless, identity-based approach to segmentation is a total re-think of the complexity of legacy segmentation approaches, for stronger, more predictable segmentation outcomes and greater operational simplicity."

Kumar said Airgap can provide visibility and policy enforcement at every connected endpoint without adding any software, eliminating the risk of east-west lateral movement without hardware upgrades or operational disruption. Airgap will help Zscaler enforce segmentation on east-west traffic, shrinking the internal attack surface and eliminating lateral movement on campus, data center and OT networks.

With automatic device discovery and classification, network administrators can better manage performance, uptime and security for IoT and OT systems without complex inventory management, he said. Airgap can discover, classify and inventory IoT and OT devices without the need for endpoint agents and get a baseline of traffic patterns and device behaviors to determine authorized and unauthorized access.

"An agentless approach is essential for effective east-west segmentation on LANs, given that in many scenarios, be it unmanaged device, aging legacy servers, or headless IoT/OT infrastructure, deploying agents is an impossibility," Kumar said. "However, with Airgap, Zero Trust segmentation is possible in campus LAN and OT environments, no matter the device."

Airgap is Zscaler's 10th acquisition since 2018, according to Crunchbase. The deal comes less than a month after Zscaler bought data security startup Avalor for a reported $350 million to help customers stay ahead of threats by beefing up data quality and AI models. In February 2023, Zscaler bought Canonic Security for $16.5 million to thwart SaaS supply chain attacks and streamline app governance.


About the Author

Michael Novinson

Managing Editor, Business, ISMG

Novinson is responsible for covering the vendor and technology landscape. Prior to joining ISMG, he spent four and a half years covering all the major cybersecurity vendors at CRN, with a focus on their programs and offerings for IT service providers. He was recognized for his breaking news coverage of the August 2019 coordinated ransomware attack against local governments in Texas as well as for his continued reporting around the SolarWinds hack in late 2020 and early 2021.



