Octarine extends VMware Tanzu Service Mesh with L7 anomaly detection for compliance

By Julien Sobrier, Head of Product, Octarine

Octarine is developing an interoperable solution for VMware Tanzu Service Mesh, built on VMware NSX, to enhance cloud native application security. Leveraging the network Intrusion Detection System (IDS) of Octarine’s Kubernetes security platform along with the security policies from VMware Tanzu Service Mesh, Octarine will help enterprises accelerate the adoption of cloud native applications.

Octarine provides a Kubernetes security platform that interoperates with the Tanzu Service Mesh policy framework. It operationalizes continuous visibility and control of the risk posture of both containers and the service mesh, as well as threat detection that includes a network IDS, network behavior analysis, and the identification and blocking of network access to malicious IPs and domains.

Secure microservices and deny risky apps

Octarine enriches the security information provided by Tanzu Service Mesh. This means better visibility of your security posture, and richer policies to control traffic between microservices and data.

Octarine reports the risk score of each workload based on the open source KCCSS framework. Octarine looks at the 30+ workload configuration settings that affect the security of your microservices to create a risk score. Tanzu Service Mesh customers can use this risk score in their policy to deny access to risky applications.

By interoperating with Tanzu Service Mesh, Octarine performs Layer 7 traffic inspection. Octarine detects network threats through a network IDS, giving Tanzu Service Mesh real-time alerts about attempts to breach microservices, internal lateral movement, and any other type of malicious activity. The IDS includes a network behavioral engine that detects unusual traffic patterns such as data exfiltration, internal scanning of services, and spikes or HTTP errors. These alerts can be managed directly by Tanzu Service Mesh. Using the extensible Tanzu Service Mesh policy framework, users can create fine-grained, dynamic policies that automatically restrict or isolate potentially compromised microservices, or isolate failing components to prevent cascading failures in their clusters.

Octarine can also inspect all east-west traffic inside the service mesh, as well as ingress and egress traffic, for encryption. Octarine reports which traffic is not encrypted, as well as the encryption strength (such as TLS version) used by the service mesh and by the microservices that natively encrypt egress traffic. This gives Tanzu Service Mesh users an overview of encryption across their entire network traffic.

The Bottom Line

The Octarine platform operationalizes and simplifies security visibility and control for Tanzu Service Mesh users. We are proud to join the Tanzu Service Mesh security ecosystem. Octarine and VMware Tanzu Service Mesh bring security for microservices that will enable users to confidently adopt cloud native applications. The combination of VMware Tanzu Service Mesh and Octarine gives you enhanced visibility, control, and security of your cloud native applications.

Get in touch with us: info@octarinesec.com