containerizing traditional applications microservices and cloud
TRANSCRIPT
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
2
StepstoContainerizeanyApplicationü Identifyandhandleapplicationstate
ü Decideonhowmanycontainers
q Selectcontainersecurityoptions
q Selectcontainernetworkingoptions
q Selectcontainerstorageoptions
Whatwecoveredlasttime…
http://www.nirmata.com/resources/meetups/
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
3
• Introductions&Overview
• LevelsofContainerSecurity
• Twistlock
• Demo
• Q&A
SecurityforContainerizedApps
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
4
ChenxiWang-ChiefStrategyOfficeratTwistlockPreviouslyVPatCipherCloudandIntel,AnalystatForresterResearch,Assoc.ProfessoratCMU-Ph.D.inComputerSciencefromUniversityofVirginia.
JimBugwadia-FounderandCEOatNirmata
Developer,architect,andleadershiprolesatCisco,TrapezeNetworks,andPanoLogic,BellLabs,Motorola.MSComputerScienceUniversityofIllinois.
RiteshPatel-FounderandProductLeadatNirmataEngineeringandbusinessleadershipatBrocade,TrapezeNetworks,NortelandMotorola.MBAfromBerkleyHaas
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
5
AboutTwistlock
• Firstenterprisesolutionpurposebuiltforsecuringcontainers
• Cradle-to-scalesecurityo Protectionfromdevelopmenttoproduction
o Portable:anycloud,anyapp,anyregistry
• Technologypioneero 15patents,firstsecuritypartnerforAWSECS&GoogleGCE,Dockercontributor
o Marketleader–30+livedeployments
o DarkReading:“20CyberSecuritycompaniestowatch”.SCmagazine:“Bestemergenttechnology”.CRN:“Toptencloudsecuritystartupstowatchin2016”
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
6
nirmata
Softwareinfrastructureisbestdeliveredas-a-service
Cloud-nativeapplicationsneedcloud-nativemanagement
Applicationsshouldnotbelockedintoacloudprovider
1
2
3
• Fortune1000aswellasstartupcustomersinproduction
• 1M+pulls;10K+managedcontainerspermonth!
• Widerangeofapps–fromEnterpriseITtoIoT!
webelieve….
deploy,operateandoptimizecontainerizedapplicationsonanycloud!
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
7
The3LevelsofContainerSecurity
1. TheExecutionEnvironmenthosts,containerdaemon,networks,accesscontrols,…
2. ContainerImagesimagescanning,imagesigning,imageverification
3. TheApplicationmanagecredentials,secrets,data.Detectandrespondtoactivethreatsandintrusions
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
10
DockerDaemon
VolumePluginKeywhiz-fs
NirmataAgent
ContainerContainerContainer
Admins 1. Manage Secrets 2. Manage Apps
ManagingsecretsusingKeywhiz
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
11
Summary
1. Containersecurityisanconsiderationincontainerizingatraditionalapplication
2. Yourcontainersecuritystrategyshouldaddress:o TheExecutionEnvironmento ContainerImageManagemento TheApplication
3. Withtherighttooling,runningapplicationsincontainerscanbemoresecure!
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
12
Ifyoulikedthissession…
1. Ratethissessionandaddareview
2. Getafreetrialsofoursponsor’stools!
http://www.meetup.com/microservices/
try.nirmata.iohttps://www.twistlock.com/demo/
ContainerizingTraditionalApplications–SFBayAreaMicroservicesMeetup-August24th2016
13
o [email protected] @ChenxiWango https://www.linkedin.com/in/chenxiwang88
o [email protected] @JimBugwadiao https://www.linkedin.com/in/jimbugwadia
o [email protected] @riteshdpo https://www.linkedin.com/in/patelrit
Getintouch welovetohelp!