VMware and Docker are working together to tackle the problem of speed versus security. The collaboration intends to point out that there doesn’t need to be a tradeoff of one for another. And instead of focusing on controls that give organizations more speed, the focus is on the proper controls that give both speed and security.
VMware and Docker are working together to tackle the problem of speed versus security. The collaboration intends to point out that there doesn’t need to be a tradeoff of one for another. And instead of focusing on controls that give organizations more speed, the focus is on the proper controls that give both speed and security.
Speed can make or break companies in today’s environment. Once a business comes up with a good idea it needs to not only get it to the market quickly, they need to quickly improve the idea and service customer needs. While companies need to be able to go faster they must be able to do it safely. IT needs companies to go slow enough that it can use the right controls to protect data, customer privacy, and code confidentiality. Herein lies the problem: traditional controls can’t move fast enough. However, if companies had security controls that were designed to operate at the scale and speed that the company requires, they would be able to move faster knowing that their data is secure.
The success of Docker further illustrates the point of companies’ need to go faster. Docker is an open source project that is widely successful due to its ability to simplify and accelerate the development and deployment of applications and code. However advanced networking and security functions within Docker were fairly limited.
Docker and VMware are tackling the speed versus security problem in two ways. Docker has released libnetwork, a pluggable architecture with new features and new functionality without compromising user experience, which enables powerful networking and security functionality within the Docker Engine. VMware is leveraging libnetwork to bring microsegmentation via VMware NSX. Microsegmentation enables strong, policy-driven stateful firewalling in Docker container environments. Through microsegmentation stateful firewalling can be provided for every workload in the data center and security policies are automatically provided at scale.
Now microservice architectures can be built within Docker and using libnetwork users can apply microsegmentation to these new microservice architectures. Users can apply stateful firewalling to both VMs and containers. This collaboration will enable developers to adopt technologies such as Docker to speed deployment while IT knows that they will have the proper controls to protect the companies data.
Initially this integration will come through VMware’s ongoing support of the open source Open vSwitch project and the related Open Virtual Network effort.
Sign up for the StorageReview newsletter