Using nano-segmentation Apcera looks to bring cloud trust to Docker container deployment
Highly secure trusted cloud platform provider Apcera, Inc. today announced the release of its own approach to securely managing Docker containers in production at scale. The product is an enterprise-ready orchestration framework called the Apcera Trusted Cloud Platform and it is designed to address today’s gaps in container deployment, management and scalability with an eye for trust and security.
Docker containers continue to ease into the DevOps lifecycle of enterprise application deployment. According to research released by Datadog, a cloud-monitoring firm, Docker adoption is up 30 percent in the past 12 months, from 8.2 percent of the company’s customers to 10.7 percent. With increasing use of containers, teams continue to address the security issues that arise, and tools are coming to market to handle these concerns proactively. To do this, the Apcera Trusted Cloud Platform uses a concept known as nano-segmentation.
This is an iteration on a practice known as micro-segmentation, which isolates network segments for workloads at the virtual machine level; nano-segmentation uses network and workload isolation at the container level of application policy. It is designed to allow workloads to move across infrastructures, using real-time and software-defined networking to provide a very powerful mode of policy governance.
The current industry standard for segmenting containers is micro-segmentation, and Jon Oltsik, ESG (Enterprise Strategy Group Inc.) senior principal analyst and the founder of the firm’s cybersecurity practice, believes that implementing some form of it is important to increasing container security. Responding to a security-as-a-service survey by ESG and vArmour, a datacenter security company, Oltsik said: “Given organizations’ adoption of cloud architectures and the consistent rise of attacks, more advanced security tactics, such as micro-segmentation, are necessary to lower the risks and costs associated with cybercrime.”
Mark Thiele, chief strategy officer at Apcera, said of the product, “Once Docker moves into enterprise production, your ability to monitor, update, govern and provide trust begins to break down almost immediately.” Emphasizing the thoughts about the future of security risks outlined by ESG’s Oltsik, Thiele added: “The real Docker challenge is how to manage and secure so many moving parts in the wild.”
The Apcera Trusted Cloud Platform is also infrastructure agnostic, allowing DevOps teams to work with public, private and hybrid clouds and still receive the same security from the nano-segmentation paradigm.
Thiele continued, “Until now, container management was not designed with the realities of Docker in production at scale, or multi and hybrid cloud, in mind. Because Apcera can securely run containerized workloads in production across any infrastructure, public or private, it is the most efficient, secure and scalable platform for making a container strategy truly enterprise-ready.”
Features of the Apcera Trusted Cloud Platform
Using the Apcera Trusted Cloud Platform, a DevOps team has greater visibility into the complete lifecycle of containers and the entire application stack across infrastructure.
Features of the Trusted Cloud Platform include policy controls around container access (at the container and application levels) and a mechanism to verify container integrity based on image. The platform also defines operational properties for container placement, resource consumption permissions and enforcement of thresholds to protect against under- or over-provisioning of resources. Finally, the platform delivers a hyper-defined, policy-driven firewall around each application, designed around a multi-cloud overlay network and multi-infrastructure orchestration for security and application protection.
Much of the design behind the Trusted Cloud Platform revolves around making it as flexible as possible for enterprise environments. Today’s DevOps teams spend so much time on the nuts and bolts of software-defined networking and X-as-a-Service bolted onto legacy systems that it is often hard to prepare for exactly what a container needs to run on. Having a security system that can orchestrate containers in almost any environment frees up the DevOps team to worry about policy and management.
The Apcera Community Edition of its platform is free to download and use and hooks into a broad developer community with a great deal of resources. For enterprise-level users, Apcera also offers an Enterprise Edition with a larger number of features that open up hybrid-cloud, high availability, monitoring, enterprise-level product support, etc.
Featured image credit: Image via Huskyherz.