Trireme OS project aims to secure containers
3 November 2016 | 0
A team made of former Cisco and Nuage Networks veterans has developed an open source project it released this week named Trireme that takes an application-centric approach to securing code written in containers.
Trireme was developed by a start-up named Aporeto, whose co-founders include the former co-founder and CTO of software-defined networking company Nuage Networks Dimitri Stiliadis; former distinguished engineer at Cisco’s Insieme Business Unit Satyam Sinha; and Amir Sharif, who previously worked at VMware. The first launch of the company is the free release of its Trireme open source code.
Trireme is deigned to work with Docker containers and integrates with Kubernetes, the open source container orchestration platform. Reuven Cohen, who was formerly at Citrix and now runs development at Aporeto, says the goal of Trireme was to develop an agile security platform that doesn’t come with the complexities of managing network-based security mechanisms. “Aporeto Trireme attaches security to the application by authentication and authorisation,” the project’s web site explains.
“This method is simple, scalable, and network-agnostic.” By assigning tags to various application components that are monitored, Trireme can enforce application segmentation and security policies as the application scales up or down or as containers that encompass the app are created or destroyed. This cannot be done as elegantly with a centralised controller approach, which Cohen argues creates inherent limitations as it scales.
Aporeto, the company hoping to commercialise Trireme, was founded in December 2015 and has raised $3.5 million (€3.15 million) in seed funding. It is one of many start-ups and open source projects aimed at securing containers. Others include the start-ups Twistlock and the open source project Docker Bench.
IDG News Service