Illumio is bringing its distributed security platform to the container world, today announcing support for Docker and for Mesosphere's data center operating system (DCOS).

Put the items together, and it means Mesosphere can now spin up Docker containers that are protected by Illumio's Adaptive Security Platform.

The promise of security for Linux containers could make enterprises more willing to adopt them in production. "I think we're going to provide a gateway for people to use the environment of containers in the enterprise," says P.J. Kirner, Illumio's CTO.

Illumio's pitch is that it can provide security across a variety of environments, now including containers. "Nobody's going all-container [in production], just as nobody's going all-bare-metal, all-VMs, or all-Amazon," says Alan Cohen, Illumio's chief commercial officer.

While security options exist for each of physical equipment, virtual machines, and containers, but not necessarily for all of them together. Illumio is bidding to be that pan-network security fabric.

Adding container support to something isn't necessarily that complicated. In Illumio's case, it involved making the company's Policy Compute Engine aware of containers — "just including the concept of the container inside the Illumio data model," says Alan Cohen, Illumio's chief commercial officer.

"Containers are different in two respects. One, there's just more of them, and two, they're starting and stopping all the time. They're ephemeral, and then they die," Cohen says.

Illumio's Adaptive Security Platform, launched last year, operates by attaching a security agent to each workload, rather than to locations in the network. Based on policy, Illumio allows only certain actions around that workload — allowing it to only talk to certain other workloads, for instance.

Photo by Rachel Kramer on Flickr. CC2.0 license.