Accuknox will be making available support for virtual machines and bare-metal workloads.
Today’s workloads are hybrid
Most common cloud workloads today are hybrid i.e can be a good mix of Virtual machines, K8s, or plain vanilla containers. Some workloads even run on bare metal infrastructure, for example labs, test infrastructure etc typically are run in-house on customer managed data-centers or colo data centers.
The problem that we’re trying to solve is that it should be easy to add Network security or application security policies for your cloud infrastructure on Accuknox, whatever be the kind of workload that you have i.e. a pure k8s or a hybrid workload with k8s and virtual machines.
The features that are a part of the VM / Baremetal support include:
Simplified on-boarding of virtual machines and bare-metal instances
Virtual machines and bare-metal instances can be easily on-boarded with simple scripts that can be deployed as a part of Terraform scripts so as to automatically have them enabled for cloud security policies on the Accuknox console.
Automated on-boarding with cloud infrastructure service account is also a feature that will be available shortly allowing Accuknox to pick up instance details from within cloud infrastructure such as AWS, Google Cloud and Azure service accounts.
Automated discovery of Processes and respective workloads
Accuknox automatically identifies user spaces processes and workloads so that security professionals can create policies that apply to specific processes. An example would be a mysql workload which is running on Virtual machines. Accuknox would automatically identify MySQL and assign a process profile enabling users to create security policies against specific processes.
Auto-discovery of policies on Virtual machine and bare metal workloads
Accuknox can also automatically discover network and application security policies on Virtual machine and bare-metal workloads for both network and application security policies.
These policies are available in the auto discovery UI on the Accuknox console. For more information, read the auto-discovery of policies blog
Identification of a full Process graph which allows us to map the full list of process calls, file access, network access, sys calls and more.
Learn more about Process Graph on this link