The NeuVector Service Mesh Security solution delivers first-of-its-kind network visibility and threat detection, even for connections that are encrypted by Istio or Linkerd2.
Service meshes such as Istio and Linkerd2 offer advanced application service discovery and routing benefits. Although a service mesh has some security features such as encryption, it is NOT a security solution. It is not designed to provide the type of network, endpoint and host security required for defense in depth.
What’s needed is a ‘Security Mesh‘ for your Service Mesh.
The patent-pending NeuVector integration enables deep packet inspection of all network connections in the service mesh even if pod to pod encryption is enabled. This allows NeuVector to perform threat detection, automated segmentation and other critical network security functions for service mesh workloads.
Watch demo video.
NeuVector dramatically simplifies the ‘service mess’ experienced by the explosion of east-west traffic for proxy and control plane connections.
NeuVector delivers a highly integrated, automated security platform for Kubernetes, OpenShift, Docker and other container platforms. Full lifecycle container security supports DevOps and Security teams from Build to Ship to Run. It is likely that not all application container workloads will be practical or possible in a service mesh, and NeuVector can seamlessly support hybrid deployments with service mesh and non-service mesh workloads.
“We selected NeuVector to protect containers in production because it combines network and run-time security with vulnerability management for compliance. NeuVector is continuing its innovation by providing deep network visibility into service mesh encrypted traffic.”
– Christian Hüning, System Architect, figo GmbH.