Tigera Expands Reach of K8s Security and Management Platforms
Tigera today announced that it is adding real-time intrusion detection capabilities with the latest release of Calico Cloud and Calico Enterprise platforms that enable secure networking between Kubernetes clusters.
In addition, Tigera revealed it has added dynamic packet capture for troubleshooting microservices in addition to providing integrations with the Panorama firewall management platform from Palo Alto Networks to enforce access control policies.
Amit Gupta, vice president of business development and product management for Tigera, says that as fleets of Kubernetes clusters are increasingly deployed in production environments, IT teams will need to manage networking and security at a higher level of abstraction. The Tigera platforms are based on the open source Calico project and are designed to be either deployed by an internal IT team or accessed via a software-as-a-service (SaaS) platform.
The intrusion detection capabilities being added to the Calico Container Firewall are based on the signatures that are made available via the open source Snort project.
The dynamic packet capture tool, meanwhile, surfaces a graph that simplifies troubleshooting by identifying the relationships between microservices running across a virtual network based on Calico. That capability is critical because microservices-based applications will reroute traffic rather than fail completely whenever a microservice is no longer available. However, in the absence of a service graph, it can take hours to discover the root cause of a degradation in performance caused by the need to reroute application traffic that adversely impacts service level objectives (SLOs).
As more organizations adopt Kubernetes, it’s becoming clear that IT and security management tasks are starting to converge. While security and IT teams may have employed separate frameworks to manage their respective tasks in a legacy IT environment, Gupta says Tigera’s platforms enable a team of IT professionals to manage tasks in a more collaborative manner. In effect, the management of IT and security in the age of Kubernetes is becoming more of a team sport as the overall application becomes more complex, he notes.
There are, of course, multiple approaches to achieving that level of task management convergence in a Kubernetes environment. Each IT organization will need to determine for themselves how best to manage and secure Kubernetes environments alongside legacy platforms where each task tends to be managed in isolation from each other. A security team, for example, usually has its own platform for managing operations. Modern platforms make it simpler for IT and security teams to collaborate via a common framework that ultimately serves to help reduce total costs by reducing the number of management platforms required.
That common platform also lays down the foundation for Tigera to expand its use of machine learning algorithms to automate more of those management tasks, says Gupta.
Regardless of how the management of IT evolves in the months and years ahead, it’s already clear the biggest challenges will have as much to do with the internal culture of IT organizations as it does the underlying platforms themselves.
