- Buy Microsoft Visio Professional or Microsoft Project Professional 2024 for just $80
- Get Microsoft Office Pro and Windows 11 Pro for 87% off with this bundle
- Buy or gift a Babbel subscription for 78% off to learn a new language - new low price
- Join BJ's Wholesale Club for just $20 right now to save on holiday shopping
- This $28 'magic arm' makes taking pictures so much easier (and it's only $20 for Black Friday)
Securing AWS EKS Environments – Cisco Blogs
So, your organization’s simplifying Kubernetes management with AWS’s Elastic Kubernetes Service (EKS). Now, how are you going to secure that cluster?
Whether your role is on the application team, or in DevOps or SecOps, you might be thinking: We chose EKS because agility is important to us. Similarly, we need manageable and efficient security, so we can stay focused on what only our team can do.
Whether your organization is embracing a zero trust security approach, or you’re developing a threat model to prioritize your security actions and investments, several items are likely top-of-mind, including:
- Micro-segmentation and simplified east-west traffic control
- Software inventory and vulnerability detection
- Real-time analytics to detect security concerns
- Logical testing of planned security policy changes to rapidly model how such changes will impact your production environment
Cisco Secure Workload (formerly Tetration) supports the use cases above, and more, in AWS EKS environments. Since Secure Workload’s inception, its agent has always been lightweight, consuming less that 1% of CPU resources. Now, for container security, we’ve enhanced the agent to be easily deployed as a DaemonSet, rather than a host OS agent.
Here’s why we think you’ll like DaemonSets:
- It accelerates on-boarding Secure Workload in a K8s environment – run one script and it’s deployed to all nodes, simultaneously. Secure Workload scales up and down with the worker nodes, automatically.
- For developers and engineers familiar with Kubernetes, it is the native experience you’d expect.
- If you need to off-board, run the same script and it simultaneously, completely, and cleanly removes the Secure Workload agent from all nodes.
Additionally, Secure Workload provides a SaaS subscription option, simplifying proof-of-value demos and accelerating time-to-value in your production environment. Just as EKS is managed by AWS, the Secure Workload infrastructure is fully managed by Cisco, available globally, and supporting European data residency requirements. As customers “get their feet wet” with Secure Workload’s capabilities, they often begin by addressing one or two use cases, taking advantage of Secure Workload’s flexible, usage-based, pricing model.
Additional resources:
Share:
