Security startup Mirage Networks Inc. sees $13 million on its horizon after its Series B funding closed, indicating that the momentum is growing for protecting data centers from unforeseen virus and worm attacks.
Mirage Networks is one of the firms going after the "zero-day" security market. These are products, which, unlike traditional intrusion and prevention systems, do not rely on a virus signature to identify an attack (see Security Approaches Day Zero and Is Zero Day a Cash Cow?).
Without having the beneficial knowledge of a virus signature (because it hasn't happened yet), a zero-day security product works by first identifying the symptoms of an initial attack. This could be, for example, the case of a server suddenly sending out thousands of emails.
Mirage was founded in 2000, and its flagship product, the Inverted Firewall appliance, was launched last December. Why "Inverted"? Unlike security offerings that protect the perimeter, the product is deployed at the internal network edge, according to Mirage execs.
Mirage officials say that, unlike other products in the same market, the Inverted Firewall does not rely on agents that are installed on specific devices. Instead, the technology works by using a "threat assessment" engine to track unusual network behavior, and an "early warning system" that detects packet activity against the networks unused IP address space.