NeuVector discovers the normal behavior of container processes, file system, and network activity and automatically builds a security policy to protect container based services. Using Layer 7 network inspection, unauthorized connections between containers or from external networks can be blocked without disrupting normal container sessions.Learn How to Segment Containers in this Guide
With Layer 7 network inspection, application level attacks such as DDoS and DNS on containers are detected and prevented. Real-time detection and alerting adds a layer of network security to the dynamic container environment, even for trusted or encrypted connections in a service mesh.
NeuVector provides the most effective run-time protection by combining container process and file system monitoring with a unique layer 7 container firewall. Add vulnerability scanning and admission controls to secure the entire container pipeline.
NeuVector is a non-intrusive container which is easily layered onto new greenfield or running brownfield environments. Use orchestration tools such as Kubernetes to deploy, update, and manage the NeuVector containers. Instantly discover running containers and map application behavior, then monitor and protect them from violations, threats, and vulnerabilities. No agents, embedding into images, or developer coding required.
NeuVector simplifies deployment and management with the most extensive integration with orchestration and other enterprise tools. Enforce RBACs for NeuVector access with Kubernetes namespaces or automatically integrate with Red Hat OpenShift RBACs. Use existing SIEM and monitoring tools with NeuVector.