Skip to content

Overview: Venafi VSatellites

Venafi VSatellites are a new, novel and critical part of TLS Protect Cloud, Venafi's cloud-native machine identity management service.

VSatellites extend the reach of your TLS Protect Cloud account beyond publicly accessible networks and hosts, to your on-premise/private cloud networks and machines, enabling you to develop the full picture of your machine identities across your organization, irrespective of public or private visibility.

At the most basic level, Venafi VSatellite is a self-updating application that is a runtime extension of TLS Protect Cloud that runs within your private infrastructure.

VSatellite is a modern, self-contained, low-footprint, Kubernetes-based application runtime and runs on popular Linux systems.

You manage your own VSatellites remotely using your company's own TLS Protect Cloud account. So, after your administrators have completed a one-time download and setup of VSatellites on your designated machines (Linux), full administration and management of services for those VSatellites is performed from using the TLS Protect Cloud web console. This includes self-updates of the VSatellite runtime itself.

Who can deploy VSatellites?

Venafi Control Plane enables multiple user roles (such as PKI Administrator and System Administrator) to install VSatellites and pair them with your Control Plane account. This is by design since using VSatellites enables users assigned varying roles the ability to discover and manage certificates found behind your firewall.

What's Next?

Learn how to set up your first VSatellite, or if you've already done so, learn more about managing your existing VSatellites.

Or you can learn a bit more about how VSatellites actually work, including the moving parts.