NFV NEWS

NFV Home

NeuVector Solution Addresses Container Security

By Paula Bernier January 31, 2017

Traditional approaches to network security don’t work in container environments, says NeuVector. That prompted the company to introduce a new security solution for the container world.

"In order for security teams to keep up with DevOps, they can't be running around inspecting IP tables and updating rules,” says NeuVector CEO Fei Huang. “What we've designed is a security container that is intelligent enough to understand – in real-time – what applications are doing. There's not a faster, easier, and more secure way to ensure Docker container environments are protected from unwanted or malicious traffic."

This solution actually is a security container for containers in production environments. It learns and whitelists normal behaviors. That helps it detect abnormalities when it scans applications, containers, and hosts. And it can block abnormal connections that could indicate a distributed denial of service, DNS, or other attack.

"NeuVector is a cool visualization and security tool for AWS containers," said Henrik Johansson, Security Solutions Architect at Amazon Web Services Inc. "[With NeuVector], you can map container connections and identify abnormal application behavior during run-time. This is especially useful when you have many applications and containers running across different EC2 instances."

We’re hearing a lot about container security lately. Among the solution providers in this space are Aporeto, Aqua Security, Black Duck Software, Twistlock, and Weaveworks.

Twistlock Inc. CEO Ben Bernstein in an interview with us last year, commented that there was room for innovation in container security.

“We think containers actually will have a profound impact on how security is achieved in the future,” he said. “Runtime security and software security are increasingly being blended together, which will actually make security more efficient and more effective.”

We also met late last year with Aporeto co-founder Amir Sharif, who talked about the startup’s Trireme solution.

“Trireme makes it possible to set up security policies at scale and segment applications by enforcing end-to-end authentication and authorization,” he explained. “There is no need for complex control planes or IP/port-centric ACLs and east-west firewalls.”




Edited by Stefania Viscusi

Executive Editor, TMC

SHARE THIS ARTICLE
Related Articles

FatPipe Networks and Wind River Optimize NFV and SD-WAN Deployments

By: Frank Griffin    4/28/2017

FatPipe Networks and Wind River are collaborating to give service providers and telecom equipment manufacturers a solution to optimize and accelerate …

Read More

Coriant Joins ONAP Project to Accelerate Open SDN/NFV Adoption

By: Michael Guta    4/28/2017

Coriant is now part of the Open Network Automation Platform (ONAP) Project to help accelerate the adoption of open standards for Software Defined Netw…

Read More

Criterion Networks Updates its On-Demand SDN/NFV Platform

By: Frank Griffin    4/27/2017

Criterion Networks updates its On-Demand SDN/NFV platform to further accelerate, extend and deploy software-defined networking (SDN) and network funct…

Read More

Enea Unveils NFV Core for VNF Enablement

By: Paula Bernier    4/27/2017

Enea has come out with a high availability platform called NFV Core. Aimed at telecom equipment companies and service providers, virtualized customer …

Read More

Dimetis Brings Network Orchestrator to Market

By: Paula Bernier    4/26/2017

OSS developer Dimetis has come out with the OpsNGN orchestration platform. It supports both traditional and new network functions virtualization (NFV)…

Read More