Veriflow promises to bulletproof networks

Eliminating both outages and breaches is the Holy Grail for network professionals. Can Veriflow deliver?

powerline networking tips

Veriflow is starting to emerge from stealth and is lifting the covers from its network verification tool. The company wants to help eliminate its customers' change-induced outages and breaches and does so by using a mathematical verification approach. The Veriflow platform promises to ensure network policy correctness and can identify when a change to networking environments will be impactful to the organization - whether that change is caused by intentional changes or external (not to mention internal) sabotage.

The company was created by a team of computer science professors and Ph.D. students in the EnterpriseWorks incubator at the University of Illinois, is backed by New Enterprise Associates (NEA), the National Science Foundation (NSF), and the US Department of Defense (DoD), and is already claiming success in multiple Fortune 500 and government networks.

Interesting the company has raised some initial funding from not only traditional investors but also government agencies including the National Science Foundation and the Department of Defense. While the quantum ($2.9 million in total) is small, the strategic investment by these high-profile and highly important government agencies is a telling validation of what Veriflow is doing.

President and CEO James Brear brings a strong track record in network policy and protection to the company. Previously, he was the CEO at Procera until its acquisition by Francisco Partners in August 2015. Alongside Brear is a who's who of subject matter experts, Veriflow co-founders CTO Brighten Godfrey, Ph.D., CSO Matthew Caesar, Ph.D., and Principal Engineer Ahmed Khurshid, Ph.D. co-invented Veriflow’s patented network verification technology.

Dr. Godfrey has conducted research in networked systems and algorithms for more than a decade and is an ACM SIGCOMM Rising Star Award and Alfred P. Sloan Research Fellowship recipient. Dr. Caesar is an associate professor in the Department of Computer Science at the University of Illinois at Urbana-Champaign and has worked in the area of network security for over two decades. Dr. Khurshid has a strong background in improving security and availability of networked systems and designed and built the first real-time data plane verification system.

The concept of mathematical formal verification is not a new one. It uses sophisticated mathematics to prove or disprove the correctness of intended algorithms underlying a system with respect to certain formal specifications. This process is frequently used by organizations with products that absolutely cannot fail.

For example, NASA rovers are still traversing the Martian landscape years after landing because the correctness of their real-time applications and operating system were mathematically verified before deployment. Similar trusted 24/7/365 technology is embedded into mission critical airplane flight controls, medical devices and military defense systems. Veriflow claims to be the first networking company to apply similar mathematical formal verification, along with network policy best practices, to secure today’s most complex and dynamic networks.

According to Veriflow, there are four primary reasons why today’s network infrastructure is vulnerable to breaches and outages:

  • Complexity: The cloud, network virtualization (including NFV), software-defined network solutions, mobile devices and the Internet of Things (IoT) all add incredible complexity to network management
  • Change: On average, network operators make 1,000 changes per month to an enterprise or service provider network, actions that open the door to unforeseen configuration errors
  • The Human Factor: At the operational, design or architectural level (including malicious behavior), more than 80 percent of network failures can be attributed to human error
  • Poor Policy Management: One out of three enterprises and service providers lacks policies for IT, information security and data encryption, while 71 percent lack critical knowledge of which policies to institute to mitigate vulnerabilities and disruption

Veriflow believes its mathematical approach across a network-wide infrastructure, solves the above problems and also results in zero change-induced outage and breaches. Unlike techniques such as penetration testing and traffic analysis, Veriflow performs mathematical analysis of an entire network's state, and does so proactively – before vulnerabilities can be identified and exploited, and without waiting for users to experience outages. If there is a network policy violation, Veriflow will find it and provide a precise identification of the vulnerability and how to fix the flaw. Otherwise, Veriflow can provide mathematical proof that the network is correct, giving enterprises the confidence to change their infrastructure.

Veriflow is making some lofty promises, but the credibility of both its founding teams and its investor base would suggest that it is doing so with some justification. An interesting company to watch.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT