Red Piranha: A Holistic Approach to Enterprise Security

Adam Bennett, CEO

The crippling impact of cybercrime on all businesses is predicted to cost $6 trillion annually by 2021. As cybercriminals have become more sophisticated and insidious, in the current Internet Protocol Security (IPsec) market, protecting enterprise information is of paramount importance for businesses of all sizes. Majority of the market-leading security solution providers, however, are following the laws of economics by building expensive and high-end products that exclusively cater to large enterprises. In reality, small and medium-sized enterprises (SMEs) are the ones that are constantly targeted by the cybercriminals as they lack the deep resources and full-time security experts. Besides, SMEs typically use generic lower-end firewalls and boxed solutions that are incapable of providing end-to-end security. As cybercriminals continue to intensify their efforts, SMEs become more reliant on managed service providers (MSPs) not only to fight against cybercrime but also to improve their profitability and productivity of the business.

"We are not trying to just sell a product; instead by partnering with major MSPs, we are offering a platform that can increase their service offerings to their clients."

Observing that SMEs have no “limited” specific cybersecurity products designed and developed, the founders of Red Piranha decided to fill the void in the IPsec market with smarter and more responsive managed security solutions. Established in the year 2015, the Australian-based Red Piranha is on a mission to empower MSPs and SMEs with advanced security products to thwart cybersecurity threats and help them protect their enterprise information while meeting modern compliance requirements. “Our ultimate aim is to design and deliver a holistic threat protection solution that meets the ever-changing compliance requirements at an affordable cost to businesses of all sizes,” begins Adam Bennett, CEO of Red Piranha. Governed by a vision to equip organizations with end-to-end protection, regulatory compliance at highly affordable rates, Red Piranha is extending the frontiers of conventional security to provide the most exhaustive and effective security measures on the market.

A Multi-Layered Security Firewall

Meticulously designed to meet the needs of MSPs, Red Piranha’s Crystal Eye is a next-generation unified threat management (UTM) platform that helps in intrusion protection, detection and response. “It is Australia's first full UTM product designed for Australian MSPs and SMEs,” remarks Bennett. The core strength of the Crystal Eye platform pertains to its comprehensive range of security feature integration that includes SIEM, NGFW firewall, intrusion defense systems (IDS) and intrusion prevention systems (IPS), backup, data loss prevention (DLP), and more. By incorporating a next-generation IDS and IPS system, Red Piranha’s crown jewel—Crystal Eye—provides reporting and tuning options that drastically reduce the administrative burden of managing a complex IDS/IPS installation.

Our ultimate aim is to design and deliver a holistic threat protection solution that meets the ever-changing compliance requirements at an affordable cost to businesses of all sizes

As a multi-threaded engine, the Crystal Eye IDS/IPS system offers increased speed and efficiency in network traffic analysis. The multi-threading feature running on multi core CPU appliances enables the Crystal Eye system to scale both vertically and horizontally, allowing for potential use in higher end corporate deployments, with high end throughput requirements.

Unlike traditional firewalls which typically filter the network traffic by inspecting the source and destination addresses, the Crystal Eye platform introduces a sophisticated application layer to the firewall. This filters traffic based on information available within the application layer. The platform also helps SMEs to overcome the challenges associated with BYOD, by leveraging advanced features and settings for policy control over network segments, hybrid cloud integration, multi-tenant IDS/IPS, and much more. The Crystal Eye platform utilizes advanced technologies like machine learning and automated actionable intelligence to prevent the growing secure sockets layer (SSL) and encrypted traffic attacks. The Red Piranha threat intelligence systems and service delivery network process over 14 million global attacks and IOCs a day to quickly create the most up-to-date defense. The company’s UTM platform also adopts a unique gateway application whitelisting strategy, to give ironclad protection against zero days, encrypted malware, and unknown threats before they strike. Unlike other UTM platform providers, Crystal Eye can be deployed on all network boundaries, regardless of any infrastructure model.

The Power of Threat Intelligence

According to Bennett, the major problem lies with cost and complexity of deployment and management of multiple vendors to implement critical controls needed to get the best defense in depth strategy. It is a daunting endeavor for CIOs to deploy, manage, and secure numerous devices and meet compliance, all of which must mesh together to form a watertight network. Adding to the woes, increasing regulation in Australia and the rest of the world means critical controls and compliance can no longer be ignored.

“CIOs must know of threats, intrusions, any potential breaches, or compromises to their security in real-time,” he emphasizes. Red Piranha addresses these challenges by building a platform that upholds the concept: protect, detect, and respond. “We don’t just protect against intrusion, we detect it and then respond to it. This is central to building a robust network.”

Red Piranha makes use of threat intelligence, which comprises intelligence feeds that gather unique insight about exploits and vulnerabilities, all in real time. Subsequently, the collected information is updated in the Crystal Eye Platform to ensure the safety of the network. Further, the Crystal Eye platform also offers security information and event management (SIEM) as a service that allows MSPs to quickly detect cyber threats.

Red Piranha also offers centralized management capability to MSPs by providing a unique dashboard that offers a single pane of glass view to all the networking policies, system health messages, and all critical security controls. The company’s entire portfolio of security appliances are designed according to a customer's specifications with the latest technology rather than contract manufactured running the latest Gen8 Intel multi core processors. The appliances are then shipped to customers within two weeks. Once the appliances are installed, Red Piranha’s specialists walk the MSPs through a number of different dashboards.

For instance, using the security dashboard, MSPs can monitor the real-time traffic on the networks to address specific issues and improve the sluggish device performance.

Bennett also draws attention to the importance of compliance controls, which oftentimes is understated within the SME market that is more focused on traditional perimeter security or end point virus protection. This oversight presents a huge risk to the core operations of SMEs. Red Piranha helps enterprises meet compliance requirements through the use of a collection of services and controls implemented in the UTM product. They also help clients to meet tough new data breach reporting regulations. In addition, the inclusion of compliance features in the Crystal Eye eases the burden of administration and reduces the cost of deployment. Reports and security controls are linked to the cloud GRC system, allowing MSPs to manage the GRC requirements of multiple clients online all from a single dashboard.

Toward a Secure Future

To exemplify more about Crystal Eye’s capability, Bennett cites a real-world instance from the company’s repertoire of customer success scenarios that showcases the efficiency of the firm’s solutions and the promise that extends to the IPsec market. In 2017 Red Piranha underwent a security audit that was performed with the intention of verifying and validating the features and performance and security of the Crystal Eye platform. After completing the audit from external independent auditors, Red Piranha began to roll out live network trials with a number of test clients. These trial clients ranged from cloud deployments to single office deployments and multi-branch multinationals with branch offices in Sydney and San Francisco.

Single office deployment clients were able to expand visibility over their networks and introduce much-needed compliance controls at a fraction of the cost and with much lower management burden for the administrators not having to implement multiple vendor products. For instance, CRE insurance, Australia’s leading independent insurance broking and advisory firm was able to implement data loss protection over its files for no extra cost after the initial deployment of the Red Piranha’s platform. The platform also makes use of SIEM and data analytics to protect the business and its digital assets. Multi-branch organizations were able to save thousands of dollars with high compliance information security management system rollouts, gaining access to full monitored SIEM, Internal vulnerability scanning, corporate site-to-site VPN connections and creating a virtual perimeter between site offices and cloud deployments with the platform. This made total network monitoring and policy control easy and quick, giving the head office the reports they needed and control over remote site staff and data.

Along the path of innovation and en route to global expansions, Red Piranha is planning to extend their footprint in countries like UK and Canada in 2019. The company also looks forward to developing more products and cloud-based services that can secure and improve the business. Bennett adds, “We are also building out the first of many security operations centers in Perth and deploying two new centers in other states in Australia.” Bennett credits the success of Crystal Eye to his passionate information security engineering team that is dedicated to bringing the best defense possible to the SME market. In conclusion, he affirms, “We are not trying to just sell a product; instead by partnering with major MSPs, we are offering a platform that can increase their service offerings to their clients.”