UPDATED 08:10 EDT / JUNE 29 2016

NEWS

Red Hat beefs up container security, adds new storage functionality

Just like every other major tech vendor, containers are a big focus for Red Hat Inc., which is aiming to retool its enterprise products around the technology. As part of that drive, the company yesterday showed off two new container security scanning solutions that can be run from within its Red Hat Enterprise Linux (RHEL) platform.

Container scanning tools are a popular way of ensuring security when building and running containerized apps. Numerous solutions have emerged in the last couple of years, such as Docker Security Scanning, which is offered as part of Docker Inc.’s cloud-based app delivery service. Another example is Twistlock Inc., whose container scanning tool also performs behavioral analysis and auditing on containers to detect even the hardest-to-find anomalies. The tool is reliable enough that Google recently decided to add it to the container services on its Google Cloud Platform.

But Red Hat clearly believes these aren’t enough. The company, which announced its new solutions at Red Hat Summit 2016 yesterday, is pursuing a strategy of having multiple scanning and protection mechanisms in place, which are integrated directly into the underlying platform, which in this case is RHEL.

The first solution builds on Red Hat’s partnership with Black Duck Software that saw the two companies team up last year to offer the latter’s container analysis tools on OpenShift. Now, this functionality has been added to Red Hat Enterprise Linux Atomic Host, the operating system that’s used as the foundation of OpenShift. In other words, you don’t need to be running OpenShift to access Black Duck’s container scanning engine any more, as it works directly within RHEL itself.

“Our customers want the agility of containers but cannot risk their mission-critical systems and applications on unknown content or unsupported containers – a key reason behind Red Hat’s focus on container security across our portfolio,” said Tim Yeaton, senior vice president of Red Hat’s Infrastructure Business Group, in a statement. “We recognize this challenge, and the latest version of Red Hat Enterprise Linux Atomic Host, with its simplified scanner integration, gives enterprises the freedom to choose a container scanning technology that best meets their needs.”

The second solution Red Hat unveiled is a preview of a container scanning technology created by the Open Security Content Automation Protocol (OpenSCAP) project. The technology is an open-source version of a general protocol for reporting software vulnerabilities that’s previously been used by Red Hat and SUSE. In this particular iteration, OpenSCAP is being used as a way to apply “tools and policies to help assess, measure and enforce IT security measures” within containers running on RHEL.

Container-Native Storage

Sticking with containers, Red Hat yesterday also announced a couple of new storage innovations designed to help DevOps teams more easily provision and manage persistent storage for containers.

Red Hat said its new Container-Native Storage capability, which will be available later this summer, will be integrated with its OpenShift Container Platform so applications and storage can be deployed in a converged manner wherein the storage is served from the containers. Doing so eliminates the need to have an independent storage cluster up and running, and leads to significant cost savings, greater efficiency and more storage space for container environments.

In a second storage-related move, Red Hat unveiled a new update to its Gluster Storage solution, integrating it with the OpenShift Container Platform to provide customers with a single point of support for containers. Red Hat Gluster Storage 3.1.3 allows developers to control both storage and application containers using a single control pane with Kubernetes in OpenShift, which is far more efficient than managing the two separately. Red Hat claims the innovation will enable greater automation and integration among DevOps teams.

“The latest Red Hat Gluster Storage release is designed to meet the needs of organizations that are becoming increasingly dependent on microservices and containers,” said Ranga Rangachari, vice president and general manager of Storage at Red Hat. “Traditional, monolithic storage appliances are not well-suited to deliver flexible and cost-effective storage to stateful applications deployed in Linux containers. Today’s announcement helps to provide those benefits and establish Red Hat’s open source platform as a de facto standard for building and managing containerized storage and applications.”

Image credit: Erling Sivertsen via flickr.com

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU