- CES 2025: ZDNET's 25 products that impressed us the most
- How Social Media is Spreading L.A. Misinformation Like Wildfire | McAfee Blog
- I took a 90-second eye exam at CES 2025, and the results were surprisingly accurate
- Thanks to Nvidia, there's a new generation of PCs coming, and they'll be running Linux
- This ultraportable LG tablet that runs on WebOS is my favorite TV at CES 2025
Securing AWS EKS Environments – Cisco Blogs
So, your organization’s simplifying Kubernetes management with AWS’s Elastic Kubernetes Service (EKS). Now, how are you going to secure that cluster?
Whether your role is on the application team, or in DevOps or SecOps, you might be thinking: We chose EKS because agility is important to us. Similarly, we need manageable and efficient security, so we can stay focused on what only our team can do.
Whether your organization is embracing a zero trust security approach, or you’re developing a threat model to prioritize your security actions and investments, several items are likely top-of-mind, including:
- Micro-segmentation and simplified east-west traffic control
- Software inventory and vulnerability detection
- Real-time analytics to detect security concerns
- Logical testing of planned security policy changes to rapidly model how such changes will impact your production environment
Cisco Secure Workload (formerly Tetration) supports the use cases above, and more, in AWS EKS environments. Since Secure Workload’s inception, its agent has always been lightweight, consuming less that 1% of CPU resources. Now, for container security, we’ve enhanced the agent to be easily deployed as a DaemonSet, rather than a host OS agent.
Here’s why we think you’ll like DaemonSets:
- It accelerates on-boarding Secure Workload in a K8s environment – run one script and it’s deployed to all nodes, simultaneously. Secure Workload scales up and down with the worker nodes, automatically.
- For developers and engineers familiar with Kubernetes, it is the native experience you’d expect.
- If you need to off-board, run the same script and it simultaneously, completely, and cleanly removes the Secure Workload agent from all nodes.
Additionally, Secure Workload provides a SaaS subscription option, simplifying proof-of-value demos and accelerating time-to-value in your production environment. Just as EKS is managed by AWS, the Secure Workload infrastructure is fully managed by Cisco, available globally, and supporting European data residency requirements. As customers “get their feet wet” with Secure Workload’s capabilities, they often begin by addressing one or two use cases, taking advantage of Secure Workload’s flexible, usage-based, pricing model.
Additional resources:
Share:
