Next-Gen Platform to Secure Edge Workloads
Mainsail Metalvisor provides organizations an evolving and operationalized security platform for edge workloads that need to live beyond the trusted perimeter.
Defend your edge workloads against sophisticated cyber attacks by utilizing separation enforced by security functions in hardware and protecting data in all forms; at-rest, in-transit, and in-use.
Defend your edge workloads against sophisticated cyber attacks by utilizing separation enforced by security functions in hardware and protecting data in all forms; at-rest, in-transit, and in-use.
33
%
Hardware cost reducement
75
%
Reducement in security costs
20
%
More accurate workload right-sizing + consolidation
Introducing Bare-metal Performance with the Benefits of Virtualization
Confidential Compute
Full memory encryption with unique encryption keys for each VM. No refactoring or additional software needed
Zero Trust
Designed with processor-based Zero Trust at the silicon level. Meet & Exceed NIST 800-207
Stop Zero-Days
Active Response Capability ARC built-in to stop zero-days and other exploits/malware
Determinism & QoS
No Virtualization Tax/Overhead. Highest level of Determinism & QoS available on multicore processors today.
Why traditional hypervisors fall short
Security issues
Traditional hypervisors share hardware resources between VMs that can open workloads up to side-channel attacks (think Spectre, Meltdown). Attackers are moving lower in the stack to target BIOS, Firmware, and Hardware to avoid detection.
Attackers continue to find Side-Channel exploits on all processors (Intel, AMD, Arm)
Most virtualization platforms do nothing to secure Firmware or Enforce Secure Boot
Most virtualization platforms have no cryptographic protection of workloads or insider threats
Performance issues
Traditional hypervisors can not guarantee quality of service and have trouble meeting performance requirements when under load. They also can not run latency-sensitive or real-time workloads due to interference on multi-core CPUs.
Traditional virtualization oversubscribe workloads and cannot meet performance requirements
Noisy neighbors can over-consume resources causing other VMs to slow down and timeout
Real-time and latency-sensitive workloads do not have the QoS guarantees they need
Cockpit & LibVirt Integration
Metalvisor aims to be simple to use and work with industry leading open source APIs. Metalvisor is based on Red Hat Enterprise Linux (RHEL) and is validated and certified with Red Hat Enterprise Linux. Metalvisor works with leading automation tools Ansible and Terraform.
Hardware-based Isolation
Metalvisor Isolates & Dedicates Hardware to each VM.
Cores, Cache, Threads, Memory, PCIe, Network, Storage
Cores, Cache, Threads, Memory, PCIe, Network, Storage
Bare-metal Like Performance
Givies each VM the same performance profile as Bare-Metal
Guaranteed Quality of Service
Applications Automatically Get the Highest Determinism & QoS. Perfect for Edge Workloads; 5G, AL/ML, Low-Latency, SDR, SDWAN
Confidential Compute
All Memory Data from the CPU is AES Encrypted
Unique Encryption Keys
Each VM is Encrypted with Unique Key
Encrypted By Default
No Application Refactoring, SDKs, or Additional Software Needed
Immutable Workloads
Prevent Unauthorized Changes in Hardware & Software
Customer-Owned Keys
Lockdown Workloads with Customer-owned Encryption Keys
Insider Threat Protection
Only workload owners can make changes to workloads once deployed, regardless of enterprise admins
Zero-Day Protection
Metalvisor is constantly monitoring workloads for indicators of compromise IOC and able to stop threats even when no signatures are known
Active Response Capability ARC
Metalvisor is able to active responses to protect workloads when attacks are detected. This provides protection for workloads at the edge.
Side-Channel Protection
Metalvisor's hardware-based isolation and resource containment provides defense-in-depth against side-channel attacks.
Kubernetes
Security & Performance
Metalvisor improves security and performance for modern Kubernetes edge workloads. Mainsail supports multiple reference architectures from todays leading Kubernetes providers.
.png)
Receive insight on the technical details of Metalvisor
Secure workloads at the edge while increasing performance. Consolidate real-time and lowlatency workloads on a TypeZero Hypervisor. Download our whitepaper to find out more.
Oops! Something went wrong while submitting the form.
Metalvisor Meets & Exceeds NIST
Zero Trust 800-207 policy, delivering advanced security today.
Metalvisor provides Zero Trust at the CPU level by using cryptographic verification of hardware, extending it to the runtime of applications. Metalvisor provides advanced security measures that meet and exceed the guidelines set forth by NIST 800-207 for Zero Trust.
This advanced level of security can provide peace of mind to the DOD and help to minimize the risk of security breaches, data loss, and other cyber threats.
This advanced level of security can provide peace of mind to the DOD and help to minimize the risk of security breaches, data loss, and other cyber threats.
.svg){kind=icon}
NIST Zero Trust SP 800-207
DOD Zero Trust Guidance
Find out how Metalvisor can secure your data.
Get in contact
Secure data is important for everyone.
Get in contact