I’ve observed that the rise of the Internet has led to a lot of problems of scale. Things that were problems in a less connected age, from music piracy to bullying, all of the sudden seem intractable when put through a massive worldwide network.
In some ways, the advent of cloud computing has had a similar impact of the enterprise. The benefits of scale on demand is amazing, but with that scale comes a host of potential problems. One is security.
James Green lays out the problem in this piece. While security is never a simple matter in the enterprise, even previously reliable methods fail to scale well in the post-cloud world. Architectural methods like VLANs become increasingly complex to manage with cloud workloads and multi-tenant environments.
Aporeto’s Trireme solution helps deal with this by allowing for segmentation on the application level. They do this using a containerized monitor which implements policy based controls on other containers. Each container can be labeled, and then the monitor enforces communication on a policy level. This takes away a lot of the architectural headaches inherent in other approaches, while still allowing an administrator to get an overall sense of what is able to flow where.
James offers a deep dive into how this practically works in more complex situations. These kind of solutions enable the enterprise to take advantage of the scale of the cloud, without having management issues increase at the same rate.
I’m not sure where the obsession with nautical entities in the cloud/data center startup world came from, but from where I’m standing, it looks like taking an aquatic stance is a reasonably good predictor of success. Let’s see… Docker has the cute little whale. Kubernetes comes from a Greek word…
Read more at: The Maritime Future of IT?