NeuVector Launches New Version of Container Firewall Security Solution
Release enhances Layer 7 container firewall protections, adds new host and container threat mitigation, and speeds enterprise integration
San Jose, CA – November 13, 2017 – NeuVector, which delivers continuous network security for containers, today announced the immediate availability of NeuVector 1.3, the most significant release of the container firewall security solution since its initial launch. Adapting to evolving container security needs, NeuVector 1.3 features a wealth of key security, integration, and UI additions. NeuVector is also releasing a new Enterprise version of the solution, which features capabilities specifically designed for large-scale deployments.
NeuVector is the only true Layer 7 container firewall, providing Layer 7 filtering for all container traffic, along with network intelligence that understands application intent and disallows suspicious behavior. NeuVector 1.3 enhances these critical protections across several fronts, including the ability to detect attacks that rely on tunneling (a technique used to conceal attacks). The new release also adds automatic forensic capture on every detected threat, and makes it simple for security teams to safeguard connections to and from external and legacy networks. The NeuVector solution is compatible with Docker encrypted networks (enabling inspection of encrypted connections), and is also integrated with Red Hat OpenShift, Rancher, and Kubernetes.
The NeuVector 1.3 solution – a container itself – further leverages its strategic position within Docker cluster deployments to add a series of new general host and container security features. The solution now detects suspicious process and privilege escalations within hosts or containers, thwarting breakout attempts as attacks seek to spread malware or probe other vital resources. NeuVector 1.3 also detects reverse shell connections, which attackers use to connect a compromised host or container to a command and control server in order to run commands remotely. These capabilities join NeuVector’s existing auditing and compliance features – such as vulnerability scanning and CIS benchmark security testing – in delivering effective security against known threats.
“As businesses increasingly make containers an integral part of their IT strategy – and as threats to container environments evolve – it’s crucial that they have comprehensive security capabilities in-line with their specific requirements,” said Fei Huang, CEO, NeuVector. “We’re proud to introduce the new versions of NeuVector that are uniquely designed to deliver the container security needs of businesses today.”
Additionally, to make large-scale adoption easier for customers, an Enterprise version of the solution is now available. In addition to offering the security capabilities included in NeuVector 1.3, the enterprise-specific product features include polices based on DNS names, webhook notifications for critical security events, REST API integration for automation into CI/CD pipelines, rolling updates to maintain protection during NeuVector updates, and priority technical support. Access control support for single sign-on (SSO), SAML, and LDAP integration is also added.
“NeuVector’s solution capably provides the container security required for our microservices-based architecture,” said Tobias Gurtzick, Security Architect, Arvato. “We’re excited to implement NeuVector’s new release, which enhances our threat detection and investigation abilities via comprehensive network session snapshots. We also welcome the solution’s new enterprise-focused integration features – such as webhooks notifications – which let us more easily integrate security into our processes.”
NeuVector, the leading container firewall company, delivers a Docker security solution with a zero-configuration policy that adapts to the changing environment and secures containers during run-time. Founded by industry veterans from Fortinet, VMware, and Trend Micro, NeuVector has developed patent-pending behavioral learning for containers with the vision of simple, scalable network security for containers.