Production Scale Application Segmentation
Breaking from orthodoxy, Aporeto Trireme attaches security to the application by authentication and authorization. This method is simple, scalable, and network-agnostic. By releasing Trireme, an open source project for Kubernetes and docker, Aporeto is demonstrating this concept, engaging the community, and making cloud-native application viable, manageable, and effective for the first time.Learn more
Easy to use
Aporeto's approach is compatible with all networking techniques available in docker / Kubernetes and still provides protection against man-in-the-middle or replay attacks that IP filter-based implementations cannot support. Moreover, Aporeto's approach is extensible across federated clusters and works in the presence of network address translations (NAT) or tunneling mechanisms without requiring any IP address and port configuration.Learn more
- An application segmentation mechanism for Kubernetes / docker.
- Requires no shared state or centralized controller.
- Allows any two resources orchestrated by Kubernetes to connect with each other implementing the network policy API.
- No SDN complexities.
- No VLAN tags.
- No Subnets.
- Just a flat L3 routed network for the entire Kubernetes or docker environment.
Trireme's simple and robust approach to production-scale security makes it ideal for Kubernetes deployed, cloud-native applications. We’re pleased that Trireme chose to implement their solution on Kubernetes using the network policy API, and we look forward to seeing how the community uses it.
Get Started With Trireme Today!
LINES OF CODE