Airgap Networks, a Cervin Ventures portfolio company, an innovator in agentless segmentation for enterprise IT and OT environments, has been acquired by Zscaler (NASDAQ: ZS). With this acquisition, Zscaler will combine its Zero Trust SD-WAN with Airgap to extend the Zero Trust Exchange to protect east-west traffic in branch offices, campuses, factories, and plants with critical OT infrastructure.
The Airgap Journey
The Beginning
In 2018, after spending nearly 18 years in various roles across Engineering, Product Management, and Sales at Juniper Networks, Ritesh Agarwal was ready for a change. To explore various possibilities for growth and change, Ritesh enrolled in the Stanford Executive Program (SEP) at the Graduate School of Business. This is an intensive marathon which, according to Stanford, catalyzes evolution and self-discovery. The program was a transformative experience that led Ritesh to re-examine his career in ways he had never imagined.
Cervin Ventures Operating Partner Samir Shah was also enrolled in the same program at Stanford. Samir had enrolled in the program after founding and eventually exiting a Cervin-backed company, Zephyr. During various intense SEP sessions, Samir and Ritesh had deep meaningful conversations and, almost immediately Samir saw that Ritesh had the potential to be an entrepreneur. Samir was drawn to Ritesh’s deep knowledge and hands-on experience in the field of networking and cyber-security. While Ritesh had been contemplating building a disruptive tech start-up, it was Samir’s guidance as a fellow entrepreneur that helped Ritesh take the plunge.
Ritesh quit Juniper Networks in early 2019 and embarked on his startup journey. Ritesh and Samir would often brainstorm in the Cervin office, whiteboarding and throwing around ideas, which Ritesh would then validate (or abandon). He pivoted twice during the ideation phase before settling on the thesis that campus networks were designed with an outdated architecture that did not fit modern usage patterns and presented a significant security problem.
Ritesh (left) and Samir at the Cervin office, after closing the first round of financing
Ideating around the ICP in Cervin offices in 2019
Ritesh’s vision for Airgap Networks
Looking back, the future of enterprise connectivity was imminent. Enterprises’ network consumption was transforming. Traditionally, enterprise connectivity evolved around:
- Only a handful of operating systems, mostly Windows, would connect to the enterprise networks
- Mostly in-office/on-premises user base. The notion of roaming users didn’t exist - not at the current scale
- Various enterprise apps such as file servers, exchange servers, local database servers, etc. were locally hosted
Therefore, most of the “business” traffic traversed "East-West" within the campus. The "North-South" traffic was limited to “non-business critical” internet access. Therefore, Enterprises relied on perimeter Firewalls, Intrusion Detection/Prevention Devices, and Data Loss Prevention devices to protect against internet threats (North-South traffic). Once within the confines of the organizational networks, East-West traffic communication remained largely unprotected, as it was assumed to be secured.
We are now fully accustomed to the idea of a “hybrid” workforce, the Internet of Things (IoT), and most of the enterprise apps are delivered in the form of Software as a Service (SaaS). And, all of these technological advancements have a profound impact on how enterprises consume their networks. The network and security vendors must innovate at a rapid pace to keep up with the changing nature of enterprise connectivity, the device mix, and the traffic pattern shifts i.e. East-West to North-South. Moreover, the organization is no longer considered a monolith, and hence the inner organization traffic cannot be assumed to be secured (sometimes referred to as “Zero Trust”).
Airgap’s innovative and patented technology transforms enterprise networks to be secure and scalable. The genius behind the innovation is that the transformation takes place without impacting the customer’s existing network and security investments. This simple and elegant approach can help enterprises struggling with ransomware impacts or cyber breaches.