Isolation Model

How ZYBER separates workspaces from your device and from each other.

Device Isolation

Your device receives a video stream of the workspace. Keyboard and mouse inputs are sent to the VM. No code runs locally.

┌─────────────────────┐
│    Your Device      │
│  ┌───────────────┐  │
│  │ ZYBER Client  │  │  ← View only
│  └───────────────┘  │
└─────────────────────┘
         │
         │ Encrypted stream
         ▼
┌─────────────────────┐
│  Workspace VM       │
│  - Your code        │  ← All execution here
│  - Packages         │
│  - AI calls         │
└─────────────────────┘

Network Isolation

Component

IP Address

Your device

Your real IP

Workspace

ZYBER datacenter IP

AI API calls

From workspace IP

Workspace Isolation

Each workspace is a dedicated VM with:

Own filesystem
Own network stack
Own process space
Resource limits enforced

Workspaces cannot access each other.

Termination

Session Type

On Terminate

Ephemeral

VM destroyed, all data deleted

Persistent

VM stopped, data encrypted

PreviousData Stored NextPrivate Git

Last updated 1 month ago

Good morning

hashtagDevice Isolation

hashtagNetwork Isolation

hashtagWorkspace Isolation

hashtagTermination

Device Isolation

Network Isolation

Workspace Isolation

Termination