Modern enterprise network environments are increasingly transforming to be cloud-based, where both applications and data storage are hosted in a cloud—and often multi-cloud—environment. The attack surfaces and security protection requirements of software in distributed cloud environments are vastly different from those in traditional network architectures, where applications and data are hosted on enterprise-owned servers in on-premise data centers.
Along with the business environment transformation, there is a parallel trend in the modernization of software development processes and environments. Applications have evolved from single-server software installs, to virtual machine (VM) server-independent environments, and more recently, to container-based technology. In these modern cloud-native, container-based architectures, the security mechanisms and protections for your business applications must evolve in line with software development methods and tools, as well as with the threats that exist during deployment, orchestration and day-to-day operation.
Hillstone’s CloudArmour is a cloud workload protection platform (CWPP) that provides comprehensive protection for all cloud workloads, including containers, VMs and other execution environments. CloudArmour provides enterprise IT teams with cloud-native container security capabilities for the Kubernetes environment. With extensive monitoring capabilities, proven intrusion detection and response features, and advanced learning-enhanced behavior modeling, Hillstone’s CloudArmour has demonstrated its value in demanding production environments across critical industries, such as financials, and utilities.
CloudArmour integrates into all stages of a development pipeline and folds into standard CI/CD deployment to ensure security across all stages.
Hillstone’s platform supports both private clouds as well as multiple public clouds.
From bare-metal host, to VM, to containers, to serverless, Hillstone’s CWPP leaves no workload unprotected.
Hillstone’s CWPP covers both the application in the container and the host simultaneously, monitoring dual sources of threats in real-time.
Hillstone’s CloudArmour is able to implement zero-trust and micro-segmentation through the use of traffic diversion, supplying an added layer of protection.
As with all of Hillstone’s products, our CWPP solution is managed from a single control point, regardless of the number of cloud environments the solution is deployed to, saving OpEx and improving visibility.
In summary, CloudArmour allows users to see all their cloud workloads, understand how assets and network traffic interact with each other, and allows users to act intelligently via a smart policy assistant and various policy configuration capabilities. This results in a cyber-resilient cloud scheme that’ll work, and be able to endure agile known and unknown threats in the cloud space.