4 Comments

Summary:

Today, a new data center appliance launches from San Jose, Calif. startup Rohati Systems. The appliance monitors the flow of traffic in the network and uses information gleaned from the data packets to enforce various entitlement and authorization limits for a company, such as allowing only […]

Today, a new data center appliance launches from San Jose, Calif. startup Rohati Systems. The appliance monitors the flow of traffic in the network and uses information gleaned from the data packets to enforce various entitlement and authorization limits for a company, such as allowing only certain employees to access HR data or others to get a hold of financial information.

There are other ways to attack this problem, such as ensuring compliance for each one of hundreds of programs, but Rohati does it more efficiently, and according to CEO Shane Buckley, without adding a lot of lag time. Since this type of compliance is a big deal in a post-Sarbanes-Oxley world, Rohati’s appliance could find a place in the corporate data center, competing against the likes of Securent, Bayshore Networks and Jericho Systems.

The idea is solid, but I doubt the company’s potential for a rich exit. Rohati is selling something typically done via software, and the big IT vendors such as HP and IBM are more inclined to buy software, not hardware, companies. Which means that should a bigger player decide to enter this space, there are plenty of other candidates for them to buy besides Rohati.

Rohati might interest a hardware vendor such as Cisco, but that’s the company the Rohati founders left — in part, because Cisco was spending time solving similar problems with software. There are other potential buyers out there, and it’s possible Rohati makes it all the way to public markets, but I still question how well a box-maker can do in this day and age.

  1. The appliance model shouldn’t inhibit a decent exit with one of the major players, if you look at where similar compliance tools such as SIEM devices which serve a similar need (compliance reporting) are going, most are now appliances or have at least an appliance option.

    Generally for compliance initiatives it is a good idea to look at the full scope of requirements and a sledgehammer approach like this I think will have difficulty working within the enterprise which are the ones who have heavy regulations (like SOX, PCI-DSS, GLBA etc…) there requirements are just too broad, also it appears that their device is in-line in front of AD/LDAP which is a worry for a large enterprise.

    It’s good to see start-up’s addressing this space but half the companies I see though have trouble getting NAC and Network DLP to work, let alone access restriction based on the network traffic!

    Share
  2. Stacey,

    Many Cisco employees leave, found competing and innovative network products, get acquired by cisco, rinse, and repeat. For a while in the Valley, I think that was actually a fundable business plan. ;-)

    Incidentally, compliance is quickly becoming a cost-of-doing business for startups too. If they haven’t built to scale with SOX in mind, they should expect to impact their valuation. I talked about this on a recent IT Conversations podcast.

    -Jesse Robbins

    Share
  3. You can use a network level software based firewall or application level proxy filter like Squid cache. But it is cumbersome to integrate various software pieces. Some might find it easier to drop an appliance and forget it after some minor configuration changes. I think there is a good market for firewall type appliance. I am not an expert in this area. But from my experience I can tell that appliance brings convenience, reliability and performance when compared to software based solution.

    Share
  4. For additional Entitlement Management case studies, you can visit Xceedium’s website to find additional resources for planning a successful Entitlement Management strategy.

    Share

Comments have been disabled for this post