Aporeto, the company that brings together developers, DevOps and information security teams for a more secure cloud, today announced Trireme, an open-source security project for Kubernetes and Docker that brings security initiatives in line with the speed of cloud-native development in any cloud and at any scale. Aporeto will demonstrate Trireme at KubeCon/CloudNativeCon, an event that gathers leading Kubernetes technologists from multiple open-source communities to further the education and advancement of Docker, Kubernetes and cloud-native architectures.
The approach, which simplifies application segmentation for distributed applications, is based on a distributed architecture and is an alternate implementation of network policy that does not require any external policy controller or state, hence relieving the complexities of overlay topologies. The open approach allows the community to participate and build on this new foundation introduced by Aporeto today.
“The traditional way of thinking makes the network the natural place to impose security for distributed applications. Mechanisms include distributed firewalls, distributed ACLs, and SDN. Think about cloud scale though. None of these approaches make sense,” said Dimitri Stiliadis, CEO of Aporeto. “Aporeto Trireme attaches security to the application by authentication and authorization in a network-agnostic way. We’re ready now to engage with the open-source community and make cloud-native applications viable and secure.”
While Aporeto’s approach is compatible with current networking techniques available in Kubernetes, it also provides protection against man-in-the-middle or replay attacks that IP filter-based implementations cannot support. It is also extensible across federated Kubernetes clusters and works in the presence of network address translations (NAT) or tunneling mechanisms without requiring any IP address and port configuration.
To find out more about the people behind the Aporeto technology and the security challenges they want to solve, check out Amir Sharif’s session at Cloud Expo on November 3 at 5 p.m.: “DevOps and Microservices – An In-Depth Look at Security Challenges.” Sharif is the co-founder and VP of business at Aporeto.