Control north-south traffic, limit access to external endpoints on a per-pod basis and protect your Kubernetes cluster. With Egress Gateway securely integrate with firewalls, monitoring systems like SIEMS, and other systems that don’t understand the dynamic nature of container orchestration. Author DNS Policies that implement fine-grained access controls between a workload and the external services.
Limit the blast radius when a security breach results in an APT (advanced persistent threat). Perform micro-segmentation for both container and VM workloads. With “defense-in-depth” approach provide protection on three levels: host, container/VM and application and use a single policy framework to set controls.
Security and Compliance
Have data-in-transit encryption with industry-leading performance, as well as compliance reporting for security policies and controls. Identify threat feeds known bad actors like bots, custom alerts for known attacks, anomaly detection, and honeypods with Identity Detection. Use automated approach to malware detection and response to target and remediate threats like DGA (Domain Generation Algorithm).
Identify and troubleshoot by dynamically generating a service graph to easily understand how services are behaving and interacting with each other at run-time, thus simplifying the debugging process. Get Kubernetes context based information including across which namespaces workloads are communicating, detailed DNS information, detailed logs for every single flow in your cluster, and how security policies are being evaluated.
Enable security and observability with unified controls across multi-cluster, multi-cloud and hybrid cloud environments. Leverage a single pane of glass to ensure consistent application of security controls across both containers and VMs. Benefit from automated end-to-end policy deployment process across multi-cluster including any necessary security changes.