About

What is EDCOP?

EDCOP is the Expandable Defensive Cyber Operations Platform.

EDCOP was built from the ground up by SealingTech engineers. The platform was developed with expandability in mind. It is built on top of Docker, the industry leader in container architecture, and driven by Kubernetes, the industry leader in container orchestration.

Kubernetes was designed to deliver containerized web application services at a global scale. We at SealingTech are leveraging it in ways never seen before, to do high-performance packet processing.

Our team at SealingTech has been around many of the largest network security architectures in the world and has seen their deficiencies and shortcomings. Below are some of the problems, rooted in the deficiencies of current hardware architectures, that EDCOP solves.

What Problems Does EDCOP Solve?

EDCOP Solves: Platform expandability to support growth

No more rip-and-replace… Expand in place.

As the number of endpoints on your network increases, so do your traffic and your bandwidth requirements, and so does the need for your security tools to handle and process the larger volume of traffic. In network security architectures that use a choke point (a single exit point out of a network where all traffic is aggregated), we have seen that large, expensive appliances are unable to expand in place. This means that to support the growing load you must rip-and-replace with the next biggest model and interfaces.

SealingTech developed EDCOP to be horizontally expandable to keep up with the growing needs of organizations. You no longer need to rip-and-replace your EDCOP appliances; you simply add on to what you already have and continue to scale out horizontally.

Vendors don’t want you to be able to grow horizontally. They want you to max out your current appliance so you must buy the next bigger model and all the licensing and support that goes with it.

EDCOP Solves: Vendor Lock-in

EDCOP strives to use open-source software in all of its components and supports performance tuning for some of the industry’s leading open-source security software. Some of the open-source software used in our platform:

CentOS / Red Hat – Base operating system

Docker – Container platform

Kubernetes – Container Orchestration and scheduling platform

ELK – For data and log ingest, enrichment and display

Suricata – Inline/Passive Intrusion Prevention/Detection System

Bro – Network Protocol Analyzer

You can quickly change products from one open-source project to another. Using open source means you’re not locked in to any one vendor.

EDCOP Solves: Licensing Costs

EDCOP has zero licensing requirements and can have you up and running with zero licensing costs from the start. However, to unlock some advanced features from vendors, buying a fully featured license is recommended.

EDCOP Solves: Software version upgrades

The nature of containers means we do not upgrade a container; instead, we replace it with a new version through rolling upgrades. A rolling upgrade allows you to bleed off the connections currently going through a container and push them over to another container. This lets you introduce a container with a new version and begin to send traffic to it while bleeding connections off the next container, similar to a waterfall effect.

EDCOP Solves: Non-Native Multi-tenancy

A container is merely an application. Instead of a single appliance trying to build multi-tenancy into its hardware and software, we achieve it by deploying multiple instances. Because a container holds only the application, this is the most computationally efficient way to achieve multi-tenancy. It also enables us to apply restrictions to applications on a per-tenant or per-application basis, preventing them from overwhelming the resources on a box.
