Rising to the challenges associated with developing a truly secure system, Skyport Systems this week announced the availability of a hyper converged platform based on distribution of SELinux (Security Enhanced Linux).
Based on hardened open source Xen hypervisors running on Intel processors that implement Intel Trusted Execution Technology, Skyport Systems corporate vice president Doug Gourlay says the Skyport Secure platform is unique in that not only are policies enforced on each workload running on the system, Skyport itself provides a managed service through which validates and then continuously monitors each component of the system.
Installable in 30 minutes, Gourlay says Skyport Secure is designed to address segments of the server market where the security of the data center itself is absolutely essential. To provide that level of security, all hardware, firmware and software components are validated at the point of manufacture. After validating the components, the system boots a fully whitelisted version of SELinux.
“We’re pinning a workload to a specific virtual machine,” says Gourlay. “Then we create an image of all the components in the system to make sure none of them are ever replaced by something we didn’t validate.”
To make this platform more accessible to a broader number of customers, pricing for Skyport Secure starts at $2,500 per month. At the end of a three year cycle Gourlay says IT organizations can then opt to upgrade to the next iteration of the Skyport Secure platform.
By definition, Gourlay says SkySecure Server creates a synthetic operating environment and assumes a zero-trust posture regarding all network access. This approach creates a security perimeter around the server that no rootkit or malware can pass, says Gourlay. Via the cloud, Skyport Systems then provides a tamper-resistant audit log, certificate management system along with visibility into all traffic flows and application interactions across each workload, adds Gourlay.
Gourlay is the first to admit that commodity servers will continue to dominate the data center landscape for years to come. But by making secure servers more accessible, Gourlay says Skyport Systems can expand a market niche today that isn’t being properly served by the major server vendors.
The reason, of course, they don’t serve this market, says Gourlay, is that historically deploying and managing a secure operating system has been exceedingly difficult. The Skyport Systems approach to the solving that problem relies not only on tighter integration code, but also continues outside monitoring of the server in a way that limits any and all threats to the integrity of that server.