CN-Series Container NGFWs Now on Red Hat OpenShift Platform OperatorHub

We’re pleased to announce another way to accelerate container security with the availability of the CN-series container firewall on Red Hat Openshift Platform OperatorHub. Customers can now rapidly deploy, configure and operate the CN-Series container firewall for Kubernetes environments directly from this Red Hat web service. It’s a development designed to save customers time and effort by removing the complexity of manual application administration.

Hybrid Cloud Agility Needs Hybrid Cloud Security

Red Hat OpenShift Container Platform is, as its name suggests, a leading, enterprise-ready Kubernetes container platform. It is frequently used as a consistent foundation for building, deploying and running applications across hybrid cloud, multi-cloud and edge environments.

Red Hat has a significant market share across a range of industries where developers push new applications quickly to production environments. While using OpenShift is meant to increase agility, adopting the right security tools for a consistent security posture is critical so containerized applications are not left vulnerable to attacks.

CN-Series Speeds Container Security on OperatorHub

But now, the CN-Series container firewall is easily available through Red Hat OpenShift OperatorHub, designed to make Kubernetes applications easy to deploy.

It’s important to understand that Kubernetes simplifies the management of stateless applications, such as web apps, mobile backends and API services without requiring users to possess additional knowledge about how applications work. However, stateful applications – such as databases and monitoring systems – require domain-specific knowledge to scale, upgrade and reconfigure.

This is where Kubernetes operators come into the picture: they streamline the process of domain encoding into easy-to-use Kubernetes extensions. This helps further reduce complexity, because operators simplify the management and automation of an application’s lifecycle.

OperatorHub is the OpenShift web interface that cluster administrators use to discover and install operators to automate deployment and maintenance of platform services and workloads. With a single click, an operator can be pulled from its off-cluster source, installed and subscribed on the cluster, and made ready for engineering teams.

Extend this concept to security, and protecting container applications becomes easier to accomplish. With CN-Series certified as an operator – and now available on OperatorHub – organizations can access and deploy containerized security on a Red Hat OpenShift cluster. This is meant to provide customers with the ability to:

• Scale CPU and memory usage for applications
• Specify the optimal deployment type (Daemonset mode or Kubernetes Service Mode)
• Easily configure CN-Series deployment to protect containerized applications on OpenShift

Meet Container Security Challenges and Network Security Challenges

These capabilities are critical, because container security is also a pressing network security problem. Containerized applications are subject to ever-growing attacks and threat surface issues due to inconsistent security posture caused by fragmented point security products. While agent-based deploy-time (shift-left) security products help to identify and patch known vulnerabilities at scale, applications can be rendered helpless against unknown and unpatched vulnerabilities.

What’s more, network security teams often do not have the visibility and control over container traffic needed for a strong security posture. This can result in slowing down important development efforts, and frustrate cross-functional teams.

Containers may seem like a secure option for running applications but in reality, network-based threats still apply. Network security teams often lack container expertise and do not have the necessary tools to secure containerized apps. This results in a fragmented security posture that leaves modern apps vulnerable to attacks.

CN-Series Meets and Exceeds The Challenge

The Palo Alto Networks CN-Series container firewall is the first next-generation firewall purpose-built to secure Kubernetes orchestration environments from network-based attacks. The CN-Series firewall enables network security teams to gain layer-7 visibility into Kubernetes environments, provide inline threat protection for containerized applications deployed anywhere and dynamically scale security without compromising DevOps agility.

What’s more, CN-Series ensures frictionless continuous integration/continuous development (CI/CD) pipeline deployment while delivering unparalleled runtime network protection through unified management across multiple firewalls.

Get Started Today with These Resources

And now, the CN-Series firewall is now even more accessible, thanks to availability on OperatorHub. You can also learn more about how Red Hat operators make the application management processes scalable, repeatable and consistent across different platforms in this Red Hat Operators 101 blog. Or just contact us – we’d be delighted to provide you with a personalized demo.