Data Center Security

 View Only

Securing Docker containers in the data center 

Sep 07, 2016 02:30 PM

Docker_(container_engine)_logo.png

 

We live in an exciting time for data center operations. Innovative technology such as Docker containers eliminate all of the superfluous processes that can bog down a machine and enable servers to live up to their potential. Containers make it easy to develop, deploy, and deliver applications that can be deployed and brought down in a matter of seconds. This flexibility makes it very useful for DevOps to automate continuous integration and deployment of containers.

But as a relatively new technology platform, Docker containers introduce new threat surfaces to the data center. The host operating system, the Docker daemon and its containers are open to vulnerabilities that can be breached. The Docker app store already lists over 100,000 free apps, but these pre-built containers have a wide range of security impacts that are not readily apparent.

The latest release of Symantec Data Center Security: Server Advanced (6.7) addresses this very issue. If you’re running Docker containers with Data Center Security, you have visibility and control over your entire Docker deployment. You’ll also be able to enforce compliance across your Docker environment by applying real-time Unix security and monitoring policy to the Docker host. Hardening Docker containers is handled with agentless security via container isolation, and of course, Data Center Security: Server Advanced gives you the power to manage policies and events across your entire Docker deployment.

If you’re already using Symantec Data Center Security: Server Advanced, a simple version update will instantly provide visibility, compliance, hardening, and management capabilities to containers in your DC’s.

And, if you’re exploring the benefits of Docker (which there are many), and you want to learn more, click here  for a list of critical security considerations as well as a more expended description of the vulnerabilities that may put unprotected Docker environments at risk. 

Statistics
0 Favorited
1 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Comments

Oct 03, 2017 01:47 PM

Hello,

 

Just had a few questions on using DCS:SA in a container environment. When a host with multiple containers is registered with a server, I understand that the containers are assigned to the Virtual Agents security group. 

1.   How can I apply policies to the Virtual Agents security group?

2.   Do all policies in this container environment have to be applied at the host level or is it possible to assign containers to custom security groups?

3.   If I were to start a new container, would DCS automatically detect the existence of a new container? How can I apply a custom policy this new container that I have just started? Does DCS apply a default policy to newly started containers?

 

Thanks and Regards

Related Entries and Links

No Related Resource entered.