Cloud Workload Protection
Hillstone CWPP Solution
Moving from VMs to Container Orchestration
Modern enterprise network environments are increasingly transforming to be cloud-based, where both applications and data storage are hosted in a cloud—and often multi-cloud—environment. The attack surfaces and security protection requirements of software in distributed cloud environments are vastly different from those in traditional network architectures, where applications and data are hosted on enterprise-owned servers in on-premise data centers.
Along with the business environment transformation, there is a parallel trend in the modernization of software development processes and environments. Applications have evolved from single-server software installs, to virtual machine (VM) server-independent environments, and more recently, to container-based technology. In these modern cloud-native, container-based architectures, the security mechanisms and protections for your business applications must evolve in line with software development methods and tools, as well as with the threats that exist during deployment, orchestration and day-to-day operation
Why Do We Need Container Security?
- Integrate into existing CI/CD and DevOps environments and processes — Security solutions need to seamlessly fit into today’s application pipelines without adding significant overhead or complexity.
- Support multiple public and private clouds — Development teams today are running services and deploying assets to multiple public clouds (and private clouds).
- Protect bare metal, virtual machines, containers, and serverless workloads — Enterprises seldom have just one application deployment environment. Different teams will use different platform architectures. A sufficient cloud workload security solution needs to support all the variations.
- Full application stack visibility — Security solutions need to cover all elements in a deployment, from each Kubernetes worker node to operating system hosts.
Hillstone Networks CWPP Solution CloudArmour
Hillstone CloudArmour — Comprehensive Cloud Workload Protection
Hillstone’s CloudArmour is a cloud workload protection platform (CWPP) that provides comprehensive protection for all cloud workloads, including containers, VMs and other execution environments. CloudArmour provides enterprise IT teams with cloud-native container security capabilities for the Kubernetes environment. With extensive monitoring capabilities, proven intrusion detection and response features, and advanced learning-enhanced behavior modeling, Hillstone’s CloudArmour has demonstrated its value in demanding production environments across critical industries, such as financials, and utilities
Easy integration into DevOps pipelines
CloudArmour integrates into all stages of a development pipeline and folds into standard CI/CD deployment to ensure security across all stages.
Multi-cloud and hybrid cloud support
Hillstone’s platform supports both private clouds as well as multiple public clouds.
Wide range of workload coverage
From bare-metal host, to VM, to containers, to serverless, Hillstone’s CWPP leaves no workload unprotected.
Host and container dual protection
Hillstone’s CWPP covers both the application in the container and the host simultaneously, monitoring dual sources of threats in real-time.
Micro-segmentation and intrusion capabilities
Hillstone’s CloudArmour is able to implement zero-trust and micro-segmentation through the use of traffic diversion, supplying an added layer of protection.
Comprehensive single-dashboard visibility
As with all of Hillstone’s products, our CWPP solution is managed from a single control point, regardless of the number of cloud environments the solution is deployed to, saving OpEx and improving visibility.
In summary, CloudArmour allows users to see all their cloud workloads, understand how assets and network traffic interact with each other, and allows users to act intelligently via a smart policy assistant and various policy configuration capabilities. This results in a cyber-resilient cloud scheme that’ll work, and be able to endure agile known and unknown threats in the cloud space.
Featured CWPP Resources
Recent Blog Articles
iSource 2.0R12: Unlocking New Capabilities for IT Management
Leveling Up Your Security Game: What’s New in Recent BDS Releases
HSM 5.6.0: Taking Centralized Management to the Next Level
Learn More about CWPP
Engage with us to learn more about Hillstone’s CWPP solutions by contacting your local authorized Hillstone Networks reseller.
Contact Us
For the 4th year in a row, Hillstone Networks has been recognized in Gartner Peer Insights Customers’ Choice for Network Firewalls.
The Customers’ Choice is a rating of vendors in a given market — for Hillstone, it’s Network Firewalls — that take into account both the number of reviews and the overall user rating. Based on feedback and ratings from our end users who have purchased, implemented and are happily using our products and services, Hillstone’s overall rating came to 4.9.