Aviatrix Systems,a start-up based in Santa Clara, California, announced Project Skyhook to securely connect container groups and enforce policies across distributed hybrid and public clouds.
The project builds on Aviatrix’s cloud native networking software which provides centralized network connectivity, management, and security of applications running on virtual machines.
Specifically, Project Skyhook aims to provide the missing connectivity and adaptive policy management for companies with distributed clusters of containers that are deployed either on-premises or in the public cloud. Aviatrix said its software is not a network overlay. Rather, Aviatrix sits directly in the data path, taking advantage of the richness of Docker’s native VXLAN overlay drivers and APIs, just as it harnesses the AWS, Azure and Google APIs to offer cloud native networking.
“There have been over 30 years of development and increasing sophistication around segmentation and security of on-premises networks for servers and virtual machines. The cloud, containers, and microservices need all this too,” said Steven Mih, Aviatrix CEO. “In tomorrow’s distributed environments, containers will be first class citizens, able to deploy across logical and geographic borders, wherever it makes sense. Thanks to Project Skyhook, Aviatrix will make sure they travel safely.”
The upcoming Aviatrix 2.0 software, which will be generally available in June, enables virtual cloud provisioning for AWS, Microsoft Azure and Google Cloud. Aviatrix could be used to link and manage resources in multiple clouds. The company said it has already established close partnerships with the big three cloud providers.
The solution consists of the Aviatrix web-portal-based controller, and one or more Aviatrix gateways deployed on the cloud or on-premises. The controller is the central point of configuration, orchestration, and monitoring for all functions and cloud services, while the gateway manages each VPC and performs encryption/decryption, packet forwarding, policy enforcements and logging capabilities. VLAN-like segmentation helps maximize application security by ensuring that each application is fully isolated and protected