Microservices and containers have recently seen tremendous widespread adoption, as evidenced by the near tripling of the crowd attending KubeCon Austin in December. Enterprises are seeking the business benefits of rapid application innovation, while at the same time having to navigate a changed attack surface. Cloud native applications have more moving parts with new security implications, particularly around East-West network traffic and the potential for lateral movement. The containers and microservices that comprise a cloud native application architecture are dynamic and create a different attack surface. Containerized architectures have exponentially greater network churn when compared to traditional or VM-based architectures, and that churn is driven by two factors: container proliferation and container lifespan.
When you combine 10X instances with a 25X shorter lifespan, you get 250X more network churn – which means 250x the number of workloads being created, IP addresses being dynamically assigned and advertised, workloads being destroyed and IP addresses being recycled.
Traditional security solutions that grew up with less dynamic VM infrastructure struggle to adapt to this dramatically more dynamic and demanding environment. IT Security shops strive to protect this new attack surface by controlling against lateral movement as well as dynamically enforcing policy to meet security and compliance mandates. Traditional IT Security approaches of custom automation and manual firewall provisioning were designed for an era before the dynamic requirements of cloud native applications. Tigera Secure was designed from the ground up for this churn and provides container-optimized security built on Zero Trust to defend against lateral movement threats in the cloud native world.
Get updates on blog posts, new releases and more!