Kubernetes security: How to automate microsegmentation policy generation

Do you feel like securing a microservices-based application is a dark art? The complexity and newness of the Kubernetes platform have network and IT security professionals scratching their heads. Kubernetes, the runtime environment where application containers run, is just beginning to hit production environments, and security is becoming a big concern.

If applications are developed and deployed into a Kubernetes environment, how does your team gain visibility into their security?

A common approach to controlling this environment is to rely on firewalls to protect traffic coming in and out of Kubernetes clusters. This method provides basic protection for north-south traffic (traffic entering and leaving the cluster) and no protection for east-west traffic (traffic between services inside the cluster).

A better approach is to define microsegmentation policies and enforce them at the Kubernetes network security layer. The challenge here is that building security policies requires understanding both the Kubernetes network controls and the application architecture. Even then, writing policies by hand is time-consuming and error-prone, let alone trying to enforce them in production.

What if you could automatically generate and enforce microsegmentation policies in minutes?

Tufin Orca is a cloud-based solution that provides security automation for microservices. It continuously monitors application security compliance and issues alerts when vulnerabilities or suspicious events are discovered. In this short video we demonstrate how to use Tufin Orca to generate and enforce network security policies for applications running in Kubernetes.

Tufin Orca Demo: Automatic Policy Generation

To learn more about Tufin Orca, or to sign up for a free trial, visit tufin.com/TryOrca