Manage VMs access to local and remote resources and functionality
VM Policy
- Defined as a combination of Users/Groups and Rules
- Structured as a JSON file for extensibility
- Ability to define global policy or VM specific policy
- Can be managed centrally or in a distributed manner
- Private key based security for the Policy file
VM Control
- Ability to control VM access to resources – RAM, CPU
- Ability to control VM runtime actions – Networking, Disk access, USB access, Shared folders
- Can define Group based controls for large client base
- Can also define fine grained specific user based controls
VM Encryption
- Supports On the Fly Encryption(OTFE) for disk image
- aes-ecb encryption algorithm supported
- Integrated with VM policy for even tighter control on VM security
Registry
- Based on container registry concept, but manages policy managed Anka macOS VMs
- Exposes simple pull commands in anka client to deliver policy managed VMs on user mac workstations
- Supports certificate based push and pull actions to restrict access to the managed VMs
- Communication protocol between Anka Secure Client and registry is designed to support incremental pull and push for responsive user experience