Introducing Certes Networks Provable Security™

Introducing Certes Networks Provable Security™


03 February 2020

Introducing Certes Networks Provable Security – A New Way to Measure the Effectiveness of Your Security Strategy

February 3, 2020 – Traditional network and data security approaches have focused primarily on threat detection and vulnerability management. Demonstrating business value, such as compliance, risk management, or information security, has been challenging. Consequently, data security is more often looked upon as a necessary cost of doing business. However, as CIOs, CISOs and network security teams become more fully vested members of the C-suite, provable security remains an ever-growing and overarching goal when considering employing data security technology. Organizations want to see data assurance as a strategic investment in mitigating risk and as a quantifiable contribution to the overall value of their business.

Certes Networks Provable Security™ enables exactly that based on the Certes Five Pillars for Provable Security, or key performance indicators, that enable organizations to quantify security’s role to build, modify and measure a data security strategy that aligns and protects the needs of the organization while mitigating risk.

Certes Networks Provable Security™ is built on the Certes Five Pillars:

Pillar One: Policy Enforcement

Pillar Two: Crypto-segmentation

Pillar Three: Scalability

Pillar Four: Visibility

Pillar Five: Observability

Certes Networks Provable Security™ starts with the premise that policy enforcement is only as good as the policy defined and how that policy is enforced. While threats and vulnerabilities are virtually infinite, access to data is defined and is therefore finite and measurable. By enabling policy definition and enforcement at a highly granular level, risk can be eliminated and data security can be quantified, measured and outcomes driven.

Certes Pillar Two, Crypto-Segmentation creates a reduced scope of trust per policy, protected by encryption, to separate your applications and workloads.

Sean Everson, Chief Technology Officer, Certes Networks, comments: “Crypto-Segmentation removes the implicit trust we traditionally place in our network infrastructure by creating reduced scopes of trust to securely separate data flows between applications and workloads as defined by fine-grained policies, independent of the physical infrastructure or underlying network topology.”

The next pillar of Provable Security is Scalability. Certes Layer 4 solution is a scalable end-to-end encryption management solution that is network agnostic easily integrating into any existing network infrastructure, fully interoperable with the existing security stack and with zero impact to performance. Certes offers the ability to support multiple deployments across multi-vendor environments on any network or transport. With Certes Layer 4 technology, a customer can be sure that their data assurance posture will scale to support the depth and breadth of a customer’s environment, whether deployed top-of-rack, in a virtual environment, between data centers and applications (east to west) or simply just across the WAN or SD-WAN.

The Fourth Pillar of Certes Network Provable Security™ is Visibility. The Certes Layer 4 solution encrypts data in transit, allowing for secure encryption of only the payload enabling transparent deployment that operates independently of applications and the underlying network with zero changes to routers, switches and firewalls. Network visibility and operational functionality are thereby fully maintained with zero impact to performance.

The last Pillar is Observability, the lynchpin that provides real-time contextual meta-data enabling rapid detection of out-of-policy data and fast response remediation to any non-compliant traffic flow or policy change to maintain the required security posture on a continuous basis. Observability provides evidential and visual proof that an organization’s security strategy is effective.

Paul German, CEO, Certes Networks, concludes: “Organizations need to start thinking differently about data security. The major challenges for a CISO is no longer the network rather the data has to come first. With the launch of Certes Networks Provable Security™, we have a technology solution available today that allows CIOs and CISOs to visualize and understand their data, associated applications, workloads and behavior, with real-time contextual data. Organizations can now take actionable steps not only to measure the effectiveness of their security strategy but to gain deep insight into how to enhance their security posture and to manage and enforce policies.”

About Certes Networks

Headquartered in the U.S. with a global presence in Europe, Middle east and Asia Pacific, Certes Networks has been delivering data security technology solutions to enterprises and governments around the world for over 15 years. Our technology is deployed across 1000

customers in nearly 100 countries and is certified for FIPS 140-2 and Common Criteria EAL4+. Our global footprint of organizations using Certes technology has helped customers to meet national, international and industry-specific regulations.

To learn more about Certes Networks Provable Security™, please visit