The security firm signs on Avant Communications, gets props from Honeywell and will soon debut on Azure Marketplace.

Lorna Garey

September 19, 2016

7 Min Read
Computer Security

Lorna Garey**Editor’s Note: Click here for a list of August’s important channel-program changes you should know.**

Channel Partners recently visited Cryptzone’s Waltham, Massachusetts, offices to hear about the company’s cutting-edge technology and new channel-program enhancements, and to find out how it aims to help partners enter an IT security market that Gartner says generated $75 billion in 2015 and is growing at about 8 percent annually.

CryptzoneGreater Boston is a cybersecurity hot spot. Local firms like Cryptzone, which got its start securing over-the-air communications to fighter jets, are taking a growing share of some $3.8 billion in VC funding that went to the sector in 2015, and they’re bringing partners along for the ride.

Sometimes, that takes a bit of hand-holding.

“Partners think they know security,” says Tina Gravel, SVP of strategic alliances at Cryptzone. “They don’t. It’s so vast, and there’s so much noise.”{ad}

On Tuesday, Cryptzone will formally announce an enhanced channel program that offers plan-ahead marketing development funds, where the company will invest in select pre-sales activities, as well as attractive margins, discounts and comprehensive sales and implementation support. The goal, says Gravel, is helping partners realize revenue quickly while providing advanced security for customers.

Cryptzone's Tina GravelShe says Cryptzone is committed to simplifying its messaging and educating partners, even those not currently selling security. The company’s AppGate products are available as apps on Amazon’s AWS Marketplace, and last week HPE unveiled an AppGate integration with HPE’s Helion OpenStack cloud platform at HPE Protect 2016. 

AppGate supports both AWS and Azure now, and a spot in the Microsoft Azure Marketplace is pending.

“Agents are asking questions about security because their customers are asking, ‘What are we going to do about this?’” says Gravel. “We can be the epicenter of a partner’s security ecosystem.”

The program has three tiers – Bronze, Silver and Gold – with annual quotas ranging from $100,000 to $500,000 that Gravel says could be waived for the first year. While partners must commit time to education, the margins – up to 35 percent for those in the top tier – are generous, as are the variety of MDF options.

“It’s an expensive program, but it’s expensive for a reason,” she says. “We want to focus on the quality of relationships.”

Gravel says there will be limited enrollment. “Partners can use us as a strategic differentiator,” she says.

Cryptzone has signed on Avant Communications as a distribution partner, joining …


… CDW, Forsythe and Masergy, and announced Fortune 100 technology and manufacturing company Honeywell Technology Solutions as a reference customer. Brian Bear, business development director for cybersecurity at Honeywell, said Cryptzone’s technology is “truly something no other company has.”

Gravel says Avant’s cloud focus and depth of developer talent makes it a perfect advocate for the company’s technology.

Drew Lydecker, president and founder of Avant, said the partnership plays into his company’s focus on enabling channel partners to become trusted advisers and delivering next-generation solutions to clients.

“Our channel partners can provide more value to their end-user customers and cover security gaps that exist in today’s public cloud solutions with Cryptzone’s AppGate,” said Lydecker.

Gravel says Cryptzone is looking to seed partners and will offer a checklist to help vet potential deals. The typical customer will be a company with 100 or more employees, but in some cases, smaller but highly regulated firms may find the product meets their needs.

Verizon’s DBIR reveals nine areas of vulnerability that partners must address. Download the free report.

Software-Defined Security

With Cryptzone’s AppGate, controls are user-centric, dynamic and mapped to the sensitivity of a given application or data set. This concept, called the “software-defined perimeter,” has been set up as a specification with a working group by the Cloud Security Alliance.

The idea is to wrap network permissions around each user. A variation of the concept is in development by Google, under the BeyondCorp moniker.

Under an SDP, files and applications are invisible to anyone not authorized to access them; it’s essentially a no-trust network stack. It doesn’t matter whether the applications and data are on a customer’s premises or in a public cloud. To gain access, a device must be running an agent and be authenticated as having rights to the asset.

“What that does is, it improves security, it also improves and dramatically simplifies compliance, and it helps with operational efficiency,” said Jason Garbis, VP of products for Cryptzone. “Oftentimes the business gets frustrated with the pace of the network or IT team to provision access. We can help with that.”

Verizon is among the proponents of basing security on people and data, not a …


… now-nonexistent perimeter. The carrier played a lead role at the Cloud Security Alliance’s SDP Hackathon at RSA 2016 and said it will monitor the public cloud infrastructure to see how well SDP is able to provide 100 percent uptime by combining the resources of multiple clouds.

With AppGate, partners can set up software-defined perimeter rules, much like you might provision a software-defined WAN link. As with brittle, fixed WANs, customers using VPNs for network access control are likely running into problems, especially if they use cloud-based applications such as Microsoft Office 365 extensively or have many mobile employees.{ad}

Garbis said AppGate picks up where the AWS security groups construct leaves off. With security groups, a customer or partner says, “these IP addresses can get to these servers.”

“The problem with that is that people aren’t IP addresses,” says Garbis. Typically, security teams either simply open access to everyone in an office through a single perimeter IP address, or they try to tightly control access by granting on a case-by-case basis using rules, a labor-intensive process that reduces business agility.

With AppGate, access decisions are made quickly and in an automated fashion based on preset policies and data such as geolocation, time of day, permissions, whether up-to-date AV is running and other identity and device attributes. IT can be flagged if something out of the ordinary happens.

For partners, helping customers develop those policies is a services opportunity.

“You get a secure, encrypted network tunnel from your device to the gateway, which solves the remote-access problem and meets the concept of least privilege,” says Garbis. “I don’t care where you are — you could be in Starbucks or on the corporate network. I’m still encrypting your traffic, and it’s still secure.

A partner would place the gateway in front of protected assets, whether on-premises or in the cloud. AppGate discovers server instances, assesses the associated attributes and, based on those findings and the defined policy, automatically makes a decision on user access.

Incentives Added

A free trial of AppGate XDP for AWS is now available; once the software is downloaded, license activation is automatic, and technical support is available.

All partners have access to pre- and post-sales support and preferential pricing, but those able to offer advanced integration and support and that earn certifications can earn additional points and status.

Gravel says there are additional sales promotions and incentive funds for early movers through the rest of this year. Cryptzone will work with partners to present threat briefings and host events for potential customers. In October, the company – which has more than 100 employees and upwards of 450 customers – named Leo Taddeo as its chief security officer. Taddeo, who addressed attendees at Channel Partners Evolution, previously served as the special agent in charge of the FBI special operations/cyber division in New York and is available to meet with prospective customers.

Besides AppGate, Cryptzone also sells SecuritySheriff DLP software for SharePoint and Office 365, and ComplianceSheriff, for website content scanning. These solutions can be bundled with AppGate by certified partners. Partners serving shops that use SharePoint extensively may want to take a look at SecuritySheriff.

Agree? Disagree? Let me know, either in comments or direct. Follow editor in chief @LornaGarey on Twitter.

Read more about:


About the Author(s)

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like