How Pivotal Container Service Supports Container Security

Containers and Kubernetes are being rapidly adopted by enterprises eager to embrace cloud-native application development. However, containers create new challenges for security because they dissociate the application from the underlying operating system where security protocols reside. In this post, we'll explore how Pivotal Container Service (PKS) addresses the problem of container security while simplifying Kubernetes adoption for enterprises.

PKS standardizes Kubernetes deployment

PKS delivers enterprise-grade Kubernetes on VMware vSphere and Google Cloud Platform while ensuring constant compatibility with Google Container Engine (GKE). A game changer for the cloud-native ecosystem, PKS helps enterprises to reliably deploy and run containerized workloads across private and public clouds, ensuring continuity and stability every step of the way. Integrated with your existing infrastructure and the tools familiar to the operations team, PKS helps to secure the network and maintain a stable environment.

A cloud-native approach to container security

Engineered to provide a cloud-native approach in the challenging area of container security, PKS provides enterprises with peace of mind by delivering complete visibility and control of containerized applications through the entire lifecycle. Such an approach enables seamless integration with existing tools, ensures portability through independence from the underlying infrastructure, and delivers elastic scalability through embedded policies that apply across all containers and microservices.

NSX-T: advanced container networking and security

NSX-T, included with PKS, adds high availability, micro-segmentation, load balancing, and security policy to the container environment - enhancing and simplifying container networking and security as your organization scales with PKS. NSX-T deploys Kubernetes nodes on a separate subnet, making it easier to apply security policies that isolate and secure the Kubernetes clusters and namespaces from one another. In addition, PKS integration with Project Harbor, an open source container registry, enhances its security by means of vulnerability scanning and identity management functionality.

Key security features of PKS

• PKS uses clusters to implement multi-tenancy while ensuring containers stay isolated. Clusters are deployed in a secure, isolated network to protect traffic and data privacy and to ensure compliance.
• PKS provides an enterprise-grade, secure container registry that scans container images for vulnerabilities to mitigate the risk of security breaches arising from contaminated images.
• Micro-segmentation, security policies, container image signing, vulnerability scanning, and user identity and access management are available through User Account and Authorization Service (UAA).

Built-in security for a worry-free container experience

Because advanced security is built into PKS, developers can focus on building great applications while allowing PKS to manage application security though micro-segmentation, container image management, identity and access management, and vulnerability scanning. Integrated features - including a private container registry with enterprise-grade management - ensure a consistent and worry-free container experience.

Adopt containers securely with PKS and Redapt

With Kubernetes emerging as the top choice for container orchestration, Redapt is one of just a few systems integrators with the capabilities to deliver a PKS solution. If container security is top of mind for your enterprise, you can learn more about PKS in our latest ebook.