On today’s episode of Datanauts we welcome sponsor Skyport Systems. Skyport is a startup that’s built a secure computing platform. It’s not a firewall. It’s not an IPS. It’s a convergence of computing and security with three key parts.
First, the system creates a Policy Enforcement Point (PEP) that wraps around a virtual machine that runs a protected workload. This PEP runs a set of application-layer proxies for Web applications, crypto and credentials, identity management, and more.
The second part is a hardware platform built on x86 with a custom security co-processor to run the proxies. Protected workloads run on virtual machines on this hardware. The hardware boots from a trusted module to ensure that the software hasn’t been compromised.
Third, the hardware has a central management component for attestation, logging and forensics services. This management component can be run as a cloud service or on premises.
Joining us to get into all the details about Skyport is Doug Gourlay, Corporate Executive VP at Skyport Systems. Before joining Skyport, Doug held leadership positions at Cisco Systems and Arista Networks. You can find Doug’s Skyport blog here.
Part 1 – Who Is Skyport?
- Skyport is a startup
- Who are your founders?
- Any customers you can talk about?
- Do you sell direct, through channel partners, or both?
Part 2 – How Does Skyport Work?
- In a nutshell, describe the Skyport Systems product.
- Okay, so it’s a virtualization platform. But not VMware. Do I care?
- Let’s talk about what makes Skyport uniquely secure.
- Sanity checks when booting
- Manufacturing process is careful, but still untrusted
- Proxies for many services. Which ones?
- Secure installation process for VMs
- Management / Forensics
- How do I manage my Skyport infrastructure?
- Management Framework
- Automation / API
- Integration with other tools, say OpenStack?
- Is Skyport just about prevention, or is it also about detection?
- What happens when there’s a problem detected?
- Does Skyport perform mitigation?
- Is there any specific way that Skyport helps with regulatory compliance?
- Describe the process of standing up a new virtual machine on Skyport
- Once my VM is up, what communications policy is in place?
- Roadmap for containers
Part 3 – Skyport Use Cases
- Hosting out-of-compliance systems
- No need to replatform an application
- Avoid re-writing an app
- Security in the DMZ
- Question about DMZ architecture – do we even need a firewall?
- Command and Control Systems
- Hosting Active Directory
- Rugged DevOps