Creating Innovation Through a Container Enabled Security Solution

Alex Gelman|

Creating Innovation Through a Container Enabled Security Solution

Alex Gelman|

Containers signified the transformation of how software is deployed globally. They offer a logical packaging mechanism in which applications can be abstracted from the environment they actually run in, to any deployment environment. As Linux is both the operating system for the cloud and for routers, Linux based containers enable applications to become much lighter and out of the box applications. By converting to containers, software companies can deploy additional functionalities with ease and without long integration processes.

SAM is the first cyber-security company to offer a containerized security solution, bringing the revolution to routers.

In 2017, SAM worked with Heights Telecom, a CPE vendor who utilizes Broadcom’s chipset, to design and commercially launch the first routers to implement container-based services, with SAM’s container enabled security layer embedded. This solution was first implemented in Bezeq’s ‘Be’ routers, launched in 2018.

The common benefits of containers are:

  • Ease of deployment & scaling
  • Plug & play software element for 3rd party applications
  • Reduced impact on resources, megabytes instead of gigabytes
  • Portability between different platforms and cloud vendors
  • Improved performance and control

 

More specifically in case of routers, the ability to run complex softwares like SAM in containers, enables to limit the resource consumption of different applications and therefore increase reliability.

From a security perspective, the fact that containers are self-contained and therefore do not interact with each other means that, if one container is hacked it is much less likely to impact the other containers and applications. This means that bugs and viruses can be fixed more quickly and potential security issues are minimised.

SAM as a container-enabled solution
SAM’s containerized routers deliver key benefits to ISPs by allowing them to easily add new application services like never before, eliminate the need for full router qualification tests for these applications, create new revenue streams from added features and in regards to SAM – seamlessly add a security layer to their existing architecture with much less risk and investment.

This also gives ISP’s the ability to install, uninstall, start and stop 3rd-party apps on the router using standard tools, rather than tools specific to a router model or vendor – e.g. TR-157 software modules. This makes management of VAS implemented as containers in routers, easier and cheaper for the ISP to deploy.

Positioned within the container infrastructure, SAM’s platform seamlessly adds a security layer to any router’s existing architecture and is designed not to interfere with the router’s firmware. The security agent is embedded as part of the firmware with security hooks, enabling it to protect the router, its services and any future vulnerabilities found. The containerized layer includes a host of special features such as the ability to limit the CPU and RAM consumption of an app.

SAM’s containerized security is already deployed in more than 400,000 gateways, supporting both Docker and LXC containers. This gives unique capabilities to ISPs and service providers with a set of features including: control and management of security, privacy, parental controls and network management applications via their existing infrastructure for home, SOHO and SMB customers.

Company

SAM provides a software-based security solution that integrates seamlessly with any platform and is designed to support and protect unmanaged networks (home, SMB, 5G) by securing the gateway and all of its connected devices. Installed remotely on all existing gateways, SAM doesn’t require any additional hardware or a technician to provide comprehensive network security, data insights and network management tools. Combined with the opportunity to offer value-added-services such as: Smart Home Security, Parental Controls and Network Management – in one platform.

Skip to content