Startup Soha Systems reveals cloud security service

Soha Cloud secures apps quickly with minimal network changes

Soha Systems is launching a cloud service today that lifts the burden of setting up customer-owned security platforms and eliminates the need to make network configuration changes to accommodate that security.

The service, called Soha Cloud, provides security functions when users initially try to access cloud-based applications. Once they are cleared for access, the service bridges a link to the app they requested as if the request is originating from within the network, making network changes unnecessary.

Tying the service in to customers’ cloud infrastructure takes about 15 minutes, and it can be applied to apps located in private or public clouds, according to Soha CEO Haseeb Budhani

The alternative is for customers to buy their own security platforms or individual services from cloud providers and integrate them, says Peter Christy, an analyst with 451 Group. The upside of the service is that it can provide needed functionality quickly, he says.

Budhani claims the service costs a tenth of what it would cost if the same functionality was purchased by other means.

Soha Cloud provides authentication, authorization, application firewalling, WAN optimization and server load balancing among multiple application instances. It also provides a visibility layer for customers to see application accessibility.

Christy says the big upside of the service is convenience. The same ends could be met via other means at the expense of time, effort and money, he says. Initially, Soha will face the task of gaining credibility among early adopter customers so others will follow.

The company has to prove that its platforms – all of which are either proprietary or built on open source apps – work.

End-users’ experiences with Soha Cloud go like this: When they try to connect to a Web app, for example, they first connect to Soha Cloud at one of three points of presence in the Amazon Web Service cloud. (There will be more POPs as demand warrants, Budhani says.)

The POP authenticates users via Active Directory, Google Apps Directory and other platforms. It can use multifactor authentication via one-time tokens sent as text messages to customers’ mobile phones.

Once approved, the POP bridges the user to the application server using a reverse proxy called a cloudlet that is collocated with the application. It allows only administrator-sanctioned access to that one app and can’t allow horizontal privilege escalation on the network, Budhani says. So a partner could be allowed access to a particular application without risk of gaining access to the rest of the network.

The company was founded in 2013 and is backed by $9.76 million in venture funding, most of it from Menlo Ventures. Budhani says he and cofounders Vice President of Engineering Hanumantha Kavuluru, and Vice President of Marketing Rob Quiros were looking for a way cloud security could be as flexible and quick to deploy as the other elements of cloud services.

The company name is the same as the Arabic name for a star that Arabs used to test their vision. The word star is significant because it is something that is above the clouds, says Budhani.       

Soha Cloud is available now and priced based on the number of locations or points of presence customers have in combination with either the number of named users or the number of simultaneous users. The service price starts at $5,000 for access to two applications in one location for 25 users.

Customers can get free access to the service supporting one application for five users indefinitely in order to trial it.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2015 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)