Lynx Software Technologies Partners with Google Cloud to Support Google Anthos Bare Metal and Google Visual Inspection AI Service
Lynx Software Technologies Partners with Google Cloud to Support Google Anthos Bare Metal and...
LynxSafe™ is a new protection solution for industry-standard laptops that can:
For users handling sensitive or classified information, a traditional endpoint system cannot be trusted when leaving the corporate/classified network’s confines. The COVID-19 crisis has caused a prolonged work from home period, with some companies like Twitter and Fujitsu offering workers the opportunity to work from home permanently. While this is relatively easy to state, CIOs and CISOs have to adjust their IT networks to support this environment. Hackers have been quick to take advantage of this shift. The figure to the right, taken from the McAfee Labs COVID19 Threat Report published in July 2020 shows how the attacks have increased by market sector. Lynx also carried out its own survey, the results of which are summarized here.
Traditional operating systems such as Windows, MacOS or Linux/Android that run on endpoints are vulnerable to cyber-attacks, and security updates and anti-virus software cannot be relied on to protect the endpoint. Traditional IT endpoint security solutions rely on either patching the endpoint OS or anti-virus applications that run on the endpoint OS. Either way, a compromised OS allows the threats full access to the endpoint. The sensitive data residing on the endpoint and even the encryption keys that are used to protect the data. This limits the usefulness of portable endpoint solutions such as laptops or tablets, as the sensitive information could be compromised as soon as the endpoint is connected to the outside world, either via an IT network or through connections such as USB memory sticks.
The solution consists of the following elements:
LynxSecure Separation Kernel Hypervisor
Hardware-enforced separation and virtualization properties of LynxSecure allow for separate secure domains to exist. Two main domains are constructed:
Both domains can run standard operating systems and applications, but the OS and applications in the secure domain are isolated from any network borne outside threats.
Lynx Multi-Node Management
Lynx offers manageability to perform provisioning and enable the update and upgrade of operating systems and other software functionality running in virtual machines. Lynx’s platform provides tools to integrate with the current MDM (Mobile Device Management) solutions. LynxSafe supports this capability on the device itself, keeping the relevant APIs, messaging and integration required to execute on security workflows without compromising security.
Inline Disc Encryption
Allows for encryption at the storage speed for the data stored on the disk. This means that even if the endpoint is ever broken into, or stolen, the data is never exposed to a third party.
The platform is extensible to support the most stringent certification requirements such as CSfC (Commercial Solution for Classified applications) defined by the United States Government’s National Security Agency (NSA). The process enables commercial products to be used in layered solutions to protect highly classified information.
The following table provides a high-level summary of various features and benefits of LynxSecure:
Feature | Customer Benefit | Additional Detail |
DO-178B/C Level A Reusable Certification |
Reduced program risk |
|
Reusable Software Component (RSC) |
Eliminates time and cost of certification effort |
First and only time and space partitioned, FAA-accepted RSC |
Conformance to Open Standards |
Ensures application portability, software reuse and interoperability |
■ POSIX® ■ ARINC 653-1 APplication EXecutive (APEX) ■ FACE™ |
Certifiable Networking |
Accelerates platform development and certification cycles |
Support for TCP/IP, UDP, ADP, ICMP, IGMP, FTP and TFTP protocols on a per partition basis, certifiable up to DO-178B/C DAL A |
Support for Arm, PowerPC and x86 Architectures |
Provides system developer with maximum flexibility to select the architecture/ chip/ supplier that best meets their requirement |
|
GNU C/C++ Compiler and Eclipse Toolchain Support |
Harnessing industry-standard tools reduces project costs and accelerates program development |
"The Separation Kernel Hypervisor and Microkernel technologies share a great deal in common, stemming from least-privileged design principles, and aim to provide a more robust application runtime environment than traditional monolithic kernel-based OSes. The technologies are similar enough, that in the commercial world, the terms are regularly interchanged based on audience or industry requirements—and hence become very confusing for consumers.
Despite the similarities in using minimalist approaches to control CPUs, the kernels are only useful when vendors construct application development platforms on top of them. Once in the hand of the developer, the delivered products can have wild differences at the CPU control level, system assurance properties, development models, and application behavior..."
VP of Product Management Pavan Singh discusses the Mission Critical Edge and Digital Transformation in the age of COVID with Chris Preimesberger, Editor of eWeek online magazine.
The information you provide will help Lynx to better understand your requirements at the high level and we will be able to do research on your behalf and be well prepared for our next interaction.
Your information is always considered completely confidential and is not shared with anyone outside of Lynx Software Technologies without your expressed permission. We respond to these form inputs within 1-2 business days.
Lynx Software Technologies Partners with Google Cloud to Support Google Anthos Bare Metal and...