Tigera is excited to unveil several new capabilities with Tigera Secure Enterprise Edition 2.2, including the ability to enable security forensics for Kubernetes. Tigera’s modern search and visualization capabilities provide real-time enterprise-wide visibility into Kubernetes traffic. This release empowers businesses to detect and respond to untrusted and unauthorized Kubernetes traffic, often indicative of advanced attacks such as zero-day malware, data exfiltration, and nation-state espionage. Tigera accelerates investigations and provides direct access to large sets of Kubernetes flow logs. The solution allows:
Traditional network monitoring tools generate inaccurate data for Kubernetes as they fail to capture traffic state denied by network policy. Additionally, these dated methods only capture 5-tuple information which is ineffective in a highly ephemeral Kubernetes environment.
Tigera addresses traditional monitoring limitations with network flow logs that provide context for Kubernetes workloads. Network flow logs are captured at the workload level and appended with Kubernetes context such as namespace, pod, labels, and metadata. This enables accurate visibility into the communications between short-lived ephemeral workloads. Bi-directional flow logs are generated for all pods as well as host connections providing critical insight around suspicious east-west traffic.
Kubernetes environments are often challenging to investigate because of the dynamic nature of workloads. Most conventional security approaches and tools weren’t built to provide visibility into Kubernetes environments. Tigera Secure Enterprise Edition 2.2 accelerates security forensic activities to determine indicators of compromise (IOC) and cause of attacks. Our new release also helps reduce resolution time associated with workload connectivity issues. Additional capabilities defend against application layer and network eavesdropping attacks.
Please schedule a demo for more information.
Get updates on blog posts, new releases and more!