- Navigating the Future of Cisco Distribution: Insights from the Black Belt Academy
- Zoom says it's no longer a video company. What that means for your meetings
- Best Black Friday deals 2024: 160+ sales live now featuring some of the lowest prices ever
- Attack Group APT-C-60 Targets Japan Using Trusted Platforms
- Tapping into the benefits of an open data lakehouse for enterprise AI
Securing AWS EKS Environments – Cisco Blogs
So, your organization’s simplifying Kubernetes management with AWS’s Elastic Kubernetes Service (EKS). Now, how are you going to secure that cluster?
Whether your role is on the application team, or in DevOps or SecOps, you might be thinking: We chose EKS because agility is important to us. Similarly, we need manageable and efficient security, so we can stay focused on what only our team can do.
Whether your organization is embracing a zero trust security approach, or you’re developing a threat model to prioritize your security actions and investments, several items are likely top-of-mind, including:
- Micro-segmentation and simplified east-west traffic control
- Software inventory and vulnerability detection
- Real-time analytics to detect security concerns
- Logical testing of planned security policy changes to rapidly model how such changes will impact your production environment
Cisco Secure Workload (formerly Tetration) supports the use cases above, and more, in AWS EKS environments. Since Secure Workload’s inception, its agent has always been lightweight, consuming less that 1% of CPU resources. Now, for container security, we’ve enhanced the agent to be easily deployed as a DaemonSet, rather than a host OS agent.
Here’s why we think you’ll like DaemonSets:
- It accelerates on-boarding Secure Workload in a K8s environment – run one script and it’s deployed to all nodes, simultaneously. Secure Workload scales up and down with the worker nodes, automatically.
- For developers and engineers familiar with Kubernetes, it is the native experience you’d expect.
- If you need to off-board, run the same script and it simultaneously, completely, and cleanly removes the Secure Workload agent from all nodes.
Additionally, Secure Workload provides a SaaS subscription option, simplifying proof-of-value demos and accelerating time-to-value in your production environment. Just as EKS is managed by AWS, the Secure Workload infrastructure is fully managed by Cisco, available globally, and supporting European data residency requirements. As customers “get their feet wet” with Secure Workload’s capabilities, they often begin by addressing one or two use cases, taking advantage of Secure Workload’s flexible, usage-based, pricing model.
Additional resources:
Share: