Cisco announced this morning that it intends to acquire Isovalent, a cloud-native security and networking startup that should fit well with the company’s core networking and security strategy. The companies did not share the purchase price.
Isovalent has helped develop eBPF, a key open source technology that gives developers deep insight into the operating system layer, typically Linux, but also Windows, while Cilium, another open source project created by the startup, gives visibility into cloud native applications. Tetragon is the company’s open source security visibility component.
Tom Gillis, senior VP and general manager of Cisco’s Security Business Group says the combination of these three elements used to be provided by a hardware appliance, but in the cloud world is increasingly software-driven. “In a cloud world, there’s still boxes in there somewhere, but it’s abstracted under layers and layers of software. And so eBPF and Cilium provide that visibility for cloud world,” he told TechCrunch.
Specifically, that involves being able to see exactly what’s happening as an application interacts with the network, and being able to determine whether that looks normal or not. “What this allows anyone to do is to provide very high level of visibility into the inner workings of an application. So when one little container is talking to another container, Cilium can intercept and see that traffic, and it can also see the inner workings of the OS itself,” he said. “So this becomes a platform that allows us to provide connectivity, like should this particular cluster talk to that particular cluster, yes or no. But also security inspection, like what are they talking about? Does this make sense? Does this thing look logical?”
It’s worth noting that Cilium is the default connectivity and security piece for Google Kubernetes Engine, Google Anthos, and Amazon EKS Anywhere. It’s also being used in a who’s who of large enterprises including Adobe, Bell Canada, Capital One, Datadog, Palantir, IKEA and Sky,
It’s always tricky when a large company buys a startup built on popular open source projects like this and it could potentially cause consternation in both the community and the large companies who have come to depend on this software. Isovalent has key roles at the Cloud Native Computing Foundation (CNCF) and eBPF Foundation, where they are also big code contributors. But Gillis says it’s in the best interest of everyone that the open source pieces thrive as a standard going forward
“In order for that to happen Cilium and eBPF need to thrive, and so the community needs to continue to embrace them because the ubiquity of the standard is what makes it so powerful,” he said. Gillis sees it a lot like Kubernetes, which Google created and then open sourced. “I oftentimes say it’s the Kubernetes of the data path. It allows it’s an open standard that all can participate in, allows everyone to innovate on top of this platform, and build amazing products,” he said.
Jeetu Patel, executive vice president and general manager of security and collaboration at Cisco said that it is essential for companies to work together where security is concerned. “One of the challenges that we’ve said is the true enemy [in security] is not your competitor, it’s the [common] adversary. And we need to make sure that we stay open in this market and co-innovate, and I think open source is probably one of the best models to co-innovate with,” Patel said.
Cisco was familiar with the company, even before today’s announcement, having participated in the company’s $29 million Series A at the end of 2020. The startup added a $40 million Series B in 2022 with Cisco also participating along with other strategic investors including Microsoft, Google and Grafana Labs.
Cisco has been extremely acquisitive this year with this representing the 11th acquisition by the company, the fifth related to security. The biggest of the bunch by far was the $28 billion Splunk deal announced in September.
This deal is expected to close some time in the second quarter next year (the company’s third quarter of its fiscal year).