Support for Virtual Machines and Bare-metal workloads

Accuknox will be making available support for virtual machines and bare-metal workloads. This will be applicable for both the application and network security.

Today’s workloads are hybrid

Most common cloud workloads today are hybrid i.e can be a good mix of Virtual machines, K8s, or plain vanilla containers. Some workloads even run on bare metal infrastructure, for example labs, test infrastructure etc typically are run in-house on customer managed data-centers or colo data centers.

The problem that we’re trying to solve is that it should be easy to add Network security or application security policies for your cloud infrastructure on Accuknox, whatever be the kind of workload that you have i.e. a pure k8s or a hybrid workload with k8s and virtual machines.

The features that are a part of the VM / Baremetal support include:

Simplified on-boarding of virtual machines and bare-metal instances

Virtual machines and bare-metal instances can be easily on-boarded with simple scripts that can be deployed as a part of Terraform scripts so as to automatically have them enabled for cloud security policies on the Accuknox console.

Automated on-boarding with cloud infrastructure service account is also a feature that will be available shortly allowing Accuknox to pick up instance details from within cloud infrastructure such as AWS, Google Cloud and Azure service accounts.

Automated discovery of Processes and respective workloads

Accuknox automatically identifies user spaces processes and workloads so that security professionals can create policies that apply to specific processes. An example would be a mysql workload which is running on Virtual machines. Accuknox would automatically identify MySQL and assign a process profile enabling users to create security policies against specific processes.

Auto-discovery of policies on Virtual machine and bare metal workloads

Accuknox can also automatically discover network and application security policies on Virtual machine and bare-metal workloads for both network and application security policies.

These policies are available in the auto discovery UI on the Accuknox console. For more information, read the auto-discovery of policies blog

Identification of a full Process graph which allows us to map the full list of process calls, file access, network access, sys calls and more.

Learn more about Process Graph on this link

Other articles

Nat Natraj

Nat Natraj

July 13, 2021
Nat Natraj

Nat Natraj

July 13, 2021
Nat Natraj

Nat Natraj

July 13, 2021