An intensive three days in the Israeli business capital's high-tech sector turned up some interesting security ideas. By Paul Fisher.
What happened on my first night in Tel Aviv was, said my hosts, not typical. At least one part I was happy to be not typical: a drink in “Molly Blooms”, a plastic “Irish” pub of the type found all over the world – apart from Dublin. Here in Tel Aviv, stuck on the corner of a street opposite my Dan Hotel, it felt especially incongruous. But it was late, the hotel bar was closed and we needed refreshment after a five-hour flight at the hands of El Al – an airline noted for its uniquely rigorous security procedures, but less for the delicacy of its in-flight service.
As it turned out, my perch outside Molly Blooms was to provide a small taste of the tensions that a trip to Israel will throw up. A young man ran past, shouted a few words and then smashed something on the ground. It turned out to be some kind of smoke bomb that caused most of the drinkers outside the pub to seek refuge inside. Whatever it was, it could be felt at the back of the throat. For a few moments I was uneasy – what if it was something more toxic? I quickly realised that if it had been, I probably would not still be casually supping my lager.
We never did find out what it was – nor I guess did the Tel Aviv police, who finally arrived an hour later to investigate an incident already forgotten. It was decided by all that it was probably the work of a hooligan – and an Israeli one at that.
I thought about it later. When it happened, there was no panic, no fuss. The way that most people just carried on told me something about Israel and Tel Aviv. Far worse could happen, far worse has. A taxi driver told us that he had been caught up in a terrorist bombing of a café in Indonesia. He was lucky, near the back when the device went off, and not injured. The next day, local TV interviewed him about the incident. “Weren't you scared?,” they asked, somewhat bemused by his willingness to carry on with his holiday. “No, I'm from Israel,” he said.
Welcome to Israel, then. My home for three days was the classy Dan Hotel in Tel Aviv. I was there to meet several security-focused businesses that have blossomed around the high-tech cluster in Tel Aviv and nearby Ramat Gan.
First up was Arie Wolman, VP sales with PineApp, which specialises in network and email protection. Its customers include Leumi bank (the second largest in Israel), McDonalds and UPS. The business was only founded in 2002 and has expanded into the US, UK, Italy, Spain, France and South Africa.
I asked why it was that Israel has a world-class IT security industry. Wolman agreed that it was only partly because of Israel's geopolitical situation – virtually surrounded by hostile states as it is. He revealed that the Israeli army, the IDF, has its own IT arm able to test cutting-edge technologies in field environments. He said that Israeli businesses are also more flexible and nimble than their big US rivals – but that US customers still tended to favour US vendors.
Safend, as its name suggests, is in the business of protecting the endpoint. Its representative meeting me in the hotel's prestigious King David Crown Suite was Edy Almer, VP product management, who trained in the IDF IT arm. He said Safend had a unique environment, which helped drive its innovation.
“We have very young people, and many work at Safend before they go on to university,” he said. “Our rivals have gained technology through acquisitions, but Safend has built everything itself. Check Point comes close to us, but Symantec and McAfee have disparate parts from different suppliers. All other vendors use a gateway approach, whereas we encrypt the data before the gateway.”
Almer revealed an ambitious target of raising customer numbers from 1200 to 2000 by the end of 2009. He said Israel had tough laws on database management – while there are no breach laws, all databases had to be licensed and a breach could lead to the loss of the licence.
ForeScout is one of Israel's NAC specialists. I met Hanan Levin, VP product management, in the fine surroundings of the Raphael restaurant, where no less than would-be Middle East peace-maker and Kabbalah dabbler Madonna had been a guest of honour the previous week.
Like Madonna, Levin was in positive mood. ForeScout has enjoyed 40 per cent growth, he said. “There have been no staff cuts. We have focused on what sells. We have penetrated Asia-Pacific and maintained US revenues, with growth in Europe, UK, Italy and Spain,” he said.
But why NAC – wasn't it a busted flush? Levin was refreshingly honest. “The hype on NAC was that it would grow exponentially – well it didn't, but it still grew. It's been hyped, fallen out of favour and is now back on the radar as the recession has bitten. The insider threat has risen – people are once again looking at controlling access,” he said.
The pressure on security people to keep on top of compliance in an era of fewer resources means demand for automating NAC has increased, he said.
“It was tough to make the case for NAC in the early days. To be successful, it needed to be easy to deploy and maintain. Technology is evolving to do that, but our customers show us the way. It is very customer-driven, but even customers have blind spots; they can't see the entire network.
“We have made big sales to the US Army and we are its single vendor approved for NAC. The recent US stimulus package helped ForeScout.”
Later that day, I met Alon Yavin, VP research & development for White CyberKnight, a governance, risk and compliance (GRC) business that was founded in 2006. Claiming that its software bridges the gap between business and IT, the company was recognised as one of the ten top innovators at the Sandbox event at the RSA Conference 2009. “We do GRC with a business focus. The linkage with the business is often missing. Our engine is designed for both tech and business people and gives a main overview of risk,” said Yavin. This mix of technology and business probably owes a lot to the founder of the business having a risk management background in Europe.
After establishing itself at two banks in Israel, the company is only now looking to take the product into Europe and is piloting at two sites in the UK.
Next day, I took a taxi across town to visit the king of Israeli security – Check Point. Waiting in reception, I noticed that Check Point has a curious naming system for its meeting rooms: Pink Floyd, Genesis and Aerosmith. Where was the Beatles room, I wondered. Sadly I did not get to meet Amnon Bar-Lev, Check Point's VP global field operations, in any of these musically themed rooms, but I did see the giant photographic wall murals that decorate each floor of the shiny office block that is now Check Point's world HQ. These striking images of Tel Aviv street life are the work of Gil Shwed – the CEO and founder of Check Point, who, I was told, has something of a passion for photography.
Check Point is shifting gear. The Nokia acquisition is progressing nicely, it seems, with the R&D and sales operations now fully merged. “We are the biggest security company outside the US. We don't yet know how this quarter will end, but we are doing OK,” said Bar-Lev.
From his top floor office, Bar-Lev has a lofty view of Tel Aviv and leans towards the same high level view of IT securiy in business. “Most of the spending that organisations undertake on security does not protect them. There are hundreds of customers who don't know how to run IDS/IPS properly – they are afraid of prevention because of false positives,” he added.
“We see one clear trend. The CISO is now talking about the business, not the technology. The chief executive is putting pressure on the CISO. There is more and more about compliance. You need to build the security architecture and then make sure it's compliant – not the other way around,” added Bar-Lev. That's the gear shift: “We are changing our sales approach to meet this business focus. We never sell on fear – you can't build an infrastructure based on fear,” he said.
After a tour of the Check Point data centre, which it has to be said is little different from most of the others I have seen, and a look at a few more of Shwed's murals, it was back to the hotel for a meeting with database security specialists Sentrigo and its VP product and business development, Dan Sarel.
Sarel told me an interesting little tale. Sentrigo had a small run-in with Microsoft after it accidentally discovered a vulnerability in SQL Server. While testing, a member of Sentrigo's research team could see his own password in the clear and, on closer inspection, that of all the other team members.
As is the custom, Sentrigo did not go public, but informed Microsoft. The software giant ignored it for over a year, after which Sentrigo finally told the wider world. It was soon news across security blogs (including SC) – cue anger and recriminations from Redmond.
Sarel laughs about it now – even pointing to the fact that working in the Microsoft Security Response Center is listed in an Israeli book of “the world's worst jobs”.
“It's easy to get to the database. Most people don't know about this,” he says, startlingly. The company was started in 2006 and aimed to protect databases from within. Starting with five people, it has grown to 25.
“People have compliance issues, but they don't patch their databases because of the downtime. Research shows that 70 per cent of Oracle users don't patch at all, while 30 per cent save the patch but put it off,” he said.
“You get embarrassed smiles from database people and security people – they just don't want to have downtime and hope for the best. Disclosure laws have revealed how many attacks come from attacks on databases,” he added.
The company offers what it says is an affordable host-based software solution for real-time database activity monitoring, auditing and breach prevention. Vendors selling appliances are taking the wrong approach, he says – “better to use software” was Sarel's parting shot.
The meeting with Algosec proved to be most interesting. Based in what in truth cannot be described as Tel Aviv's finest district (think Park Royal and you get the picture), the business has what looks like a highly cost-effective firewall management system that took four years to develop.
Over an hour, I saw how IT security technology really can address business needs and deliver that often misused term, a return on investment.
“Firewall policies have become overwhelming in the past few years, and it's very difficult for business users to know which changes are needed: 20 per cent to 30 per cent of changes are not really needed. Manual analysis is error-prone. Instead, what we offer is an intelligent ticketing system which ensures only those changes that are actually needed are done,” said Algosec co-founder and CEO, Yuval Baron.
He said that the business impact could be that 60 per cent of the budget for firewall changes might be saved. You can read more about Algosec's technology, written by CTO Avishai Wool, on the SC website (http://tinyurl.com/yac9q5d).
Like many cities, Tel Aviv has sought to regenerate areas that have seen their original use decline. The former port area of the city is one such and is now buzzing with bars, clubs and restaurants. It was here that I met Anat Doron and Hagai Schaffer, senior marketing and business development executives from Intellinx. Founded in 2005, Intellinx specialises in enterprise fraud detection/prevention.
Intellinx software “sniffs” network traffic and records the activities of every end-user in the enterprise. Schaffer said that it allows the auditor to replay screen by screen, keystroke by keystroke as if he or she was looking over the shoulder of each end-user.
According to the company, it also utlilises a “powerful rule engine that tracks user behaviour patterns in real time, triggering instant alerts on irregularities, allowing the security officer to immediately zoom in on the specific suspect and replay all his or her actions related to the suspicious event”.
In truth, the conversation soon turned from the sophistication of security software, as the warm Mediterranean breeze drifting across the promenade made its presence felt. The Israeli wine kicked in, suspicious events were forgotten and the sound of the waves gently breaking on the Tel Aviv shore provided a mesmeric backdrop to the evening's end. That night, you wouldn't imagine that Tel Aviv was perhaps not the most peaceful place on earth.
The El Al Experience: it's not just an airline
The first thing you notice at Heathrow's El Al (motto: ‘It's not just an airline. It's Israel.') check-in area is the presence of two Metropolitan Police officers armed with Heckler & Koch MP5 carbine automatic weapons. They are here permanently. You can bet there is more you can't see.
Next is the famed “interview”. “Why are you visiting Israel? Who will you be meeting? Is this your first visit? Are you travelling with anyone – how do you know them?” It doesn't sound that intense, but these questions carry a weight and are delivered in such a way that it feels like an interrogation. They are likely to be repeated during the interview. This is a big step-up from the bored security rendition at most airline check-in desks.
There is another device and it's psychological – they walk away and chat with another security colleague while they thumb again and again through the passport. Occasionally they flick a look at you. You kind of wonder whether to smile or not – in the end it doesn't matter. Whatever they are doing is designed to weed out at this, the first line of defence, any potential threat.
Once the interview is successfully cleared, your bags are put through El Al's own scanner – often repeatedly. You finally get to check in and your hold luggage is whisked away – allegedly to a vacuum chamber which will cause any explosives to detonate.
All this can take up to two hours, depending on how busy the flights are. And you still have to navigate Heathrow's regular belts off, shoes off, laptops out security lines.The El Al gate is isolated – it seems a mile away from all other airlines.
It's a hassle certainly, but I have never felt so safe on an aircraft. At take-off, you think about the anti-missile defences that are added to the El Al fleet – designed to deflect any SAM attack launched from the Heathrow scrubland.
There is also the famed presence of armed agents on board, in case somehow, someone does slip through. Who they might be is a game that no doubt many passengers play.
And if you thought travelling to Israel was intense, wait till you arrive at Ben Gurion airport to try and leave.