The enhanced security solution further protects Kubernetes environments by building on the unique NeuVector run-time security automation, which combines east-west traffic visibility with container process monitoring and vulnerability scanning. NeuVector 2.0 adds important new capabilities that include a Kubernetes incident response system alongside advanced process and file system protections to secure against new attack vectors.
Discover Application Behavior and Detect Violations
NeuVector discovers normal connections and application behavior and automatically builds a security policy to protect container based services. Using Layer 7 network inspection, unauthorized connections between containers or from external networks can be logged or blocked without disrupting normal container sessions.
Audit, Scan, Monitor Running Containers & Hosts
NeuVector protects against host break outs and automatically tests for security compliance. All running containers and host OS’s are automatically scanned for vulnerabilities and run the Docker Bench security tests. The scanning tasks are distributed across Enforcers for a real-time, highly scalable image vulnerability analysis. During run-time, hosts and container processes and syscalls are monitored for suspicious activity.
Detect and Mitigate Application Threats
With Layer 7 network inspection, application level attacks such as DDoS and DNS on containers are detected and prevented. Real-time detection and alerting adds a layer of network security to the dynamic container environment.
Deploy NeuVector in Dev, Staging, or Production
The NeuVector components are containers which deploy easily onto virtual machines or bare metal OS environments. The Enforcer container is deployed on each node to protect containers running on it. A Controller container manages the cluster of Enforcers. NeuVector can be managed through the Console, REST API, or CLI.
Layers Onto Greenfield and Brownfield Environments
NeuVector is a non-intrusive container which is easily layered onto new greenfield or running brownfield environments. Instantly discover running containers and map application behavior, then monitor and protect them from violations, threats, and vulnerabilities. No agents, embedding into images, or developer coding required.
Integrate with Orchestration Tools, Reporting Tools, and other Enterprise Infrastructure
|Categories||Cloud and Virtualization > Containers > Container Clustering, Config, Management|
Use of the SDxCentral service directory is governed by our Terms of Service, including without limitation those sections under the headings "CONTENT", "LICENSING AND OTHER TERMS APPLYING TO CONTENT POSTED ON THE SDXCENTRAL SITES", "INDEMNITY; DISCLAIMER; LIMITATION OF LIABILITY" AND "COPYRIGHTS". Under no circumstances will SDxCentral be liable in any way for any Content, including, but not limited to, liability for any errors or omissions in any Content or for any loss or damage of any kind incurred as a result of the use of any Content posted, emailed or otherwise transmitted via the Sites.