onShore Networks: Managed Security is a Process, Not a Product

Stelios Valavanis, CEO Steven Kent, CTO
By the age of 15, Stelios Valavanis’s love for technology had him writing dBase code for a market research company, producing an analysis tool for sale to marketing firms. Today, as President of onShore Networks, Valavanis applies his enthusiasm for technology to provide solutions for numerous challenges in the enterprise security landscape. “Security is the area where we can perform at our best. We're at the edge, and developing new solutions all the time,” says Valavanis. “There's a commodification going on in the IT services industry that encourages better reporting, efficiency, and feature development; but it adds distance between the engineer and the client's network, and increases reliance on cookie-cutter hardware solutions. This is especially true in the network transport and security where the issues are less about user support and more about deep network knowledge and more powerful tools,” he adds.

Headquartered in Chicago, IL, onShore Networks is a premier provider of network management services. The company’s expertise is bringing managed network security into local and wide area networks, Internet connectivity, and colocation services to a wide variety of customers. Functions of a managed security service include round-the-clock monitoring and management of intrusion detection systems, firewalls, and network performance. “Managed Security is a process, not a product that we modify for better results and response” says Steven Kent, CTO, onShore.

A False Sense of Security

A national construction company initially requested that onShore evaluate their external security. From the client's perspective, having the right gear in place and periodically performing scans meant they were secure. However, this only meant that they were secure against current threats. They were lacking monitoring and measurement against baselines to handle any unknown threats and track them faster. The company soon engaged onShore to manage their security, monitoring intrusion detection and firewalls.
onShore also developed design and procedures for port-level authentication at the client's remote sites, where there is exposure to outside parties. “We've become integral to their security, providing regular security review and further developing their security policy,” says Valavanis.

Talent and Tools

“We're always looking to be where the new demand is; and, to me, that means being in the area that has a little more complexity— that needs a little more talent and initiative. We do this by being in control of our tool development. We employ a full-time development team and use many open-source components that allow us to customize our solutions for clients or integrate them into systems that proprietary software wouldn't allow, all in order to make tools to empower our engineers,” says Valavanis.

“Our products focus on looking within the network as well as the edge. Unless you're analyzing what's flowing through your firewall, you're only doing half the job. You need to know that the traffic it's passing is traffic you want inside your network. It comes down to knowing your data flows and what is normal on your network. Then you can figure what is abnormal, possibly malicious. We continually re-establish these baselines and measure against them,” says Kent.

Going forward, onShore wants to utilize small, cheap sensors to capture more distributed data for mass correlation with core and edge network data and to give more powerful tools to their engineers, like heuristic threat detection. “Operate under the belief that you are already compromised, and now you need to isolate, control, and remove the threat that is already existent in your network. We need to move back into the network and understand that, in the current security landscape, you cannot make the assumption that, because you have a firewall and some edge IDS, you are now secure behind those devices,” concludes Kent.

onShore Networks

Chicago, IL

Stelios Valavanis, CEO Steven Kent, CTO

A provider of Managed Security services, utilizing network performance data from both inside and outside a network to ensure early detection of any threats