Droplet Vs App Packaging

Never-Trust vs Zero-Trust

What’s the difference?

Droplet NeverTrustTM Containers

EASE OF DEPLOYMENT Droplet NeverTrustTM containers are self contained, including any required application dependencies, and are completely isolated away from the underlying operating system, that it’s installed on.

COMPATIBLE Droplet containers can run on any architecture that supports the container runtime, including Linux, MacOS and Windows/Windows Server, as well as cloud platforms.

Droplet NeverTrustTM containers run without additional hypervisors or virtual machine layers.

Droplet Containers are PORTABLE and don’t require a complete VM as they are self-contained. This results in minimum performance overhead.

CLOUD-READY Droplet containers support Microsoft Azure , AWS, Google Cloud or any hypervisor

ISOLATED Droplet containers provide isolation between the app and the host system.

Droplet containers are locked down by its unique secure NeverTrustTM model.

One Droplet container can run multiple instances of the same app on the same host, each in its own container with its own resources.

All inbound and outbound traffic is blocked by default: only required traffic is explicitly opened

NeverTrustTM model places containerised apps in an isolated environment that is invisible to intruders.

Applications delivered via a Droplet NeverTrustTM model can pass up to NIST compliance levels.

Droplet NeverTrustTM containers are designed to be secure by default. For example: only Droplet users can gain authorised access to any Droplet application, client or server, without the need for API’s or SDK’s.

Application
Packaging

SPECIFIC DEPLOYMENT Packaged apps are factored and locked to a specific host operating system, and require a complex architecture. MSIX packaging only contains the app itself, without any dependencies

LIMITED COMPATABILITY MSIX is only compatible with Windows 10. App-V packages must be configured for specific Windows hosts

Packaged apps require all the resources of their host Operating System, or may require a VM to run.

BESPOKE Major OS upgrades require apps to be reconfigured and repackaged. Apps must also be repackaged for different architectures

CLOUD-SPECIFIC Packaged apps must be custom built for cloud and often require a VDI platform.

INTEGRATED Each packaged application requires its own user space, VM or platform.

Packaged apps have the same privileges as other applications on the system.

MSIX packaging includes code signing and runtime attestation to ensure the integrity and authenticity of the package and its contents.

Malformed apps create potential security holes, and are subject to the same vulnerabilities as native apps.

Zero-trust networks, require authentication-protected access and ongoing intrusion detection.

Compliance requires additional safeguards to be put in place.

API’s and SDK’s used in application packaging, could be seen as a weakness for any potential threat actor and used to gain unauthorised access to a system.

Keep up to date

Sign up for Droplet NeverTrust email alerts and news!

    keyboard_arrow_up