Telstra: Multi-cloud security is 'critical' for our strategy

A new strategic partnership with a hybrid cloud security company is 'fundamental' to Telstra's overarching cloud plans.

Telstra has flagged the importance in securing datacentre and multi-cloud services, calling it "critical" to its overarching strategy, by entering a partnership with a hybrid cloud security startup.

The partnership will see Australia's incumbent telecommunications provider add another layer of security solutions to its enterprise managed services portfolio, while vArmour is enabled to expand the footprint of its distributed security system across the APAC region.

The partnership was kicked off by Telstra investing between $5 million and $10 million in vArmour's $41 million series D funding round.

Interest in multi-cloud security is what drove Telstra Ventures' "very strategic" partnership with vArmour, according to Jeremy Howe, director of IP Data and Security Solutions at Telstra.

"We're really excited about the vArmour investment and the strategic partnership that we're going to embark on, because this sort of offering and solution is really critical to our strategy," Howe told media on Wednesday.

"Many of you will be aware our cloud strategy really is one around multi-cloud and hybrid cloud, and so we have a range of solutions [for] both public cloud and private cloud, partnerships with nearly all of the global public cloud infrastructure providers.

"This is really important to our strategy, really important to Telstra in terms of us adding value as a cloud provider, and adding value as a multi-cloud and hybrid cloud provider. Not just providing cloud services, but the network and the security layers are really fundamentally important to us."

The Mountain View, California-based cloud security startup was founded in 2011 and launched in 2014 when the Home Depot data breach occurred, which vArmour VP of Strategic Markets and Business Development Keith Stewart called good timing.

According to Stewart, vArmour sets itself apart from the traditional "perimeter"-based firewall approach to datacentre security by being more segmented and flexible.

"This idea of a perimeter -- that there's some fixed location where I can have good guys on one side and bad guys on the other -- was outdated, it didn't fit the way businesses operate. So we needed an architecture that blew up the traditional idea of a perimeter while still enabling people to be secure as they approach cloud," Stewart explained.

"We take security, move it down individually next to the things you're trying to protect, and we wrap them up in their own individual 'micro perimeter', or a micro segmentation. That allows us to move that trust boundary, that point where you're deciding good is on one side, and bad is on another, and move it down to the individual workload because that's never been done before."

Telstra Ventures' Marcus Bartram agreed that vArmour's security product fills an important niche and solves an issue facing cloud providers.

"It was really clear to us that there was an emerging problem in that it's very difficult to secure a datacentre, and especially a virtualised datacentre or a cloud datacentre [at a time when] enterprise customers were starting to use cloud and virtualised datacentres for their applications," Bartram said.

"Historically, if someone is able to get into a datacentre and hack a datacentre, it then becomes very easy to sort of transverse that datacentre so they break into an application or a server or something else, and they can kind of get anywhere inside an enterprise. So it's a very obvious weak spot and a very difficult thing to secure."

Craig Joyce, director of Security Practice at Telstra, added that the firewall approach creates bottlenecks and issues with how the company wants to route traffic through the cloud environment, and is inflexible. vArmour's product provides more visibility in security, he said.

vArmour has more than 160 customers, and while they could not specifically name them, those customers include United States government agencies, some of the top 10 big banks globally, big retailers, and large healthcare providers. Stewart added that the $41 million raised during the Series D funding was double the amount the company had raised in total prior, and triple the value of vArmour itself.

The strategic partnership with vArmour follows several big plays in the multi-cloud area by Telstra; last month, Telstra unveiled a business multi-cloud connecting solution to support the use of hybrid cloud services including those from Microsoft, Amazon Web Services (AWS), VMware, and IBM. The solution, called Cloud Gateway, allows customers to connect directly to multiple public cloud environments via Telstra's IP network.

Cloud Gateway will enable Australian customers to connect to Microsoft Azure, Office365, AWS, IBM SoftLayer, and VMware vCloud Air, while international customers can only access AWS and IBM SoftLayer for now.

In March, the telecommunications provider also announced its three software-defined networking (SDN) and network function virtualisation (NFV) products alongside Cisco to improve cloud security and global datacentre interconnection: Cloud Gateway Protection, Internet Virtual Private Network, and Data Centre Interconnect.

Cloud Gateway Protection is a virtual security application designed to secure cloud services, internet access, and Next IP networks against cyber attacks and unauthorised access, while Internet VPN provides a secure and encrypted office network over public internet for businesses to use across several sites and by mobile workers.

Data Centre Interconnect, the third product, extended Telstra's SDN PEN1 global datacentre interconnection product through the addition of Australian points of presence. Through PEN1, business customers can directly set up and configure links between overseas and domestic datacentres on flexible contracts.

Telstra in January also acquired APAC cloud services company Kloud and invested in Chinese cloud company Qiniu.