NeuVector provides run-time container security automation for OpenShift deployments. As nodes and pods scale and update rapidly it is difficult to monitor and protect network connections, container processes and the hosts.
Traditional tools such as firewalls and host security are blind to container traffic and activity. The NeuVector solution inspects all network traffic between pods to detect network violations and threats in real-time, while also monitoring container and host processes. Containers are also automatically scanned for vulnerabilities during run-time
View the OpenShift Certified Container Product Brief
Request the FREE Container Security Visualization Tool – Exclusively for OpenShift customers
Jon Deeming, VP at Experian, presents at Red Hat Summit 2018 how automation can ensure that security policy is consistently deployed into production OpenShift container environments.
“One of things we started to realize is if someone does compromise a pod, and performs a zero-day exploit, there’s nothing at that point to prevent someone from moving from a front end pod to the database pod. So we started looking for alternatives that would effectively give us a software based firewall that runs inside the cluster. We’ve been working with the NeuVector Layer 4-7 firewall and we can now look at traffic flows and create more granular enforcement where we need it for pod to pod traffic. We can also look at the behavior of the applications talking to each other inside the SDN. This allowed us to take a look at the traffic in real-time for things like mal-formed packets. The benefits obviously includes the security aspect but we also had some applications with bad code generating mal-formed packets, which could be seen as beginning a denial of service attack, but were actually due to resource leaks. We were able to pick these issues up with NeuVector that otherwise would have been quite difficult to find, so I’d recommend that you take a serious look at what’s running inside your network.”
“Enterprise customers using Red Hat OpenShift for production container deployments require run- time visibility and security,” said Jesse Wu, head of products – integrated solutions, Red Hat. “We’re excited to bring partners like NeuVector into our ecosystem with Red Hat certified applications to enhance customer security.”
Watch this on-demand video titled “Enhancing OpenShift and Kubernetes Container Security for Business Critical Deployments” with Andrew Toth from Red Hat and Glen Kosaka from NeuVector.