Virtualization Technology News and Information
VMblog Expert Interview: Edgeless Systems Talks Confidential Computing and Constellation


One of the fundamental problems today can be summarized in one short sentence: computers are still not trustworthy enough. Enter confidential computing. And with it, a company called Edgeless Systems is also introducing a new product called Constellation in order to help with enablement.

To learn more, VMblog spoke to Felix Schuster, Co-Founder and CEO of Edgeless Systems.

VMblog:  Before we begin with questions about the new Enterprise product that was announced, can you give our readers some context by answering the question "What is Confidential Computing?"

Felix Schuster:  Confidential computing enables end-to-end encrypted and verifiable data processing. End-to-end encrypted here means that the data remains encrypted even at runtime in memory. This is a breakthrough concept. It allows one to run sensitive workloads in the cloud, while having the assurance that not even the cloud provider can access the data. Confidential computing features are available in recent server chips from Intel and AMD. These chips and their features are widely available in the major clouds. However, so far, it has been difficult to use these features correctly and at scale. 

VMblog:  Tell us about the new product Edgeless Systems is announcing called Constellation? 

Schuster:  Constellation enables companies to easily use confidential computing, even for large scale workloads. Constellation is a confidential orchestration platform that - from the inside - looks and works just like normal Kubernetes. In fact, it is normal Kubernetes, but everything is shielded from the underlying infrastructure. It is super-easy to create a Constellation deployment in a cloud of your choice. In essence, just two commands on the command line are required: "constellation create" and "constellation init." The rest is plain Kubernetes. Run and scale your containers as you are used to.

VMblog:  What challenge does Constellation solve? 

Schuster:  For many companies, cloud transformation is hampered by security concerns and regulatory requirements. These problems can be fundamentally addressed with confidential computing. However, using confidential computing correctly and at scale is complicated. With Constellation, companies can make their Kubernetes-based workloads fully confidential, without having to change tools or application code. This allows enterprises to use the public cloud like their private cloud. 

VMblog:  What cloud environments does Constellation run on?

Schuster:  Constellation runs on any cloud environment that features AMD's Secure Encrypted Virtualization (SEV). This includes major infrastructure providers like Microsoft Azure and Google Cloud Platform (GCP). Constellation also runs on the Nitro Enclave technology that is available in Amazon Web Services (AWS).

VMblog:  And finally, what are Edgeless Systems' plans over the next 12 months?

Schuster:  In the next few weeks, we will onboard the first Constellation customers and gather their feedback. We will also start working with strategic partners that help us to bring the confidential cloud to companies around the world. Most importantly, we will grow our team significantly - both on the tech and the business side - to work with full force on our mission and turn the public cloud into the safest place for enterprise data. To accelerate this, we will raise another round of funding.


Published Thursday, February 17, 2022 9:31 AM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<February 2022>