Given the proliferation of containers deployed on top of virtual machines, many IT organizations are looking for security and monitoring tools to provide visibility into those containers. At the VMworld 2017 conference this week, NeuVector demonstrated what it describes as the first monitoring tool that runs natively in a VMware vSphere Integrated Containers (VIC) environment.
VIC is a Docker container runtime environment that is compatible with VMware security and management tools. NeuVector CEO Fei Huang says because NeuVector is deployed as a container, it provides a complementary layer of application security that can be employed to inspect, audit and visually analyze container connections up to Layer 7 of the network stack to identify threats and policy violations that would not be detected by traditional network firewalls and segmentation. Most other monitoring tools, he notes, rely on static scans rather than continuously monitoring the container runtime environment.
NeuVector makes use of embedded behavioral learning capabilities to create security policies that can be applied to both the containers and the hosts they run on. Huang says that capability allows NeuVector to, for example, detect vulnerabilities and anomalies indicative of suspicious activity such as privilege escalations.
NeuVector can be employed across multiple container runtime environments to provide IT organizations with a consistent means of monitoring and securing containers running on multiple hosts, including Amazon Web Services (AWS) and Kubernetes platforms. VIC is designed to make it easier for IT organizations to deploy container applications alongside existing legacy applications running on a virtual machine. But given the number of container host environments in existence, it’s probable that most IT organizations will deploy multiple container hosts.
Huang says NeuVector is designed to provide a way to manage and secure container runtime environments without having to deploy any agent software. That approach allows IT organizations to deploy container hosts from multiple vendors as they best see fit.
NeuVector is filling a security gap that holds back many IT organizations from deploying as many containers as they otherwise might. There are plenty of tools for managing containers, but none of those tools provide both a means to manage and secure containers, says Huang.
Thanks to the rise of DevSecOps, developers are playing a more active role in IT security. But IT security professionals are still primarily responsible for securing the runtime environments that container applications are deployed on, right down to the host level, says Huang. Without the tools to secure containers, most IT security professionals are not going to have as much confidence in those container runtimes as they do in other environments.
It’s unclear how many companies will deploy containers in a VMware environment versus some other host construct. VMware still dominates enterprise IT environments, but rival open-source runtime platforms are gaining ground. Either way, new approaches will be required to manage and secure ever more diverse IT environments.