Secure Your Container Communications in 5 Minutes

We give a quick overview of newly released open source code that devs can use to quickly secure their container environments.

More types of software testing are shifting left, including security. One of the challenges developers and IT departments face is container security, which has its issues, not the least of which is encryption overhead. 

Ironclad Encryption recently uploaded container images on GitHub and Docker Hub that are capable of securing communications between any containers, whether that's software, hardware, or both. The containers also secure communications between different IaaS platforms, transport-layer protocols, clouds, data centers, and hybrid environments. Since secure communications capabilities are built in, any two containers can communicate securely without any effort on the developer's part.

The secure container technology has three parts: a native Docker container TLS solution for low-overhead communication between containers; a symmetric TLS library written in Python that encrypts and decrypts egress and ingress layer 4 traffic (respectively) using configurable symmetric encryption TLS cipher suites; and technology that abstracts Docker services into a "Trustplane." The Trustplane secures data in transit so developers can ensure data integrity without concern for Data Plane and Control Plane configurations or security vulnerabilities.

Developers don't have to know anything about network security to use the containers. The containers also address the VPN overhead issue in multi-environment deployments.

The containers can be used for:

  • A single IaaS platform and a single Docker management platform such as AWS and a local Kubernetes deployment.
  • Multiple IaaS platforms such as Google Compute Engine (Kubernetes) and AWS EC2 Container Service (ECS).
  • Hybrid IT environments such as colocation (hypervisor) and AWS ECS.

There are no transport layer dependencies; however, transport layer security protocols are supported. 

Published at DZone with permission of
