Compute Services

The Run Up to KubeCon: Easing the Burden of Security and Infrastructure Management

Share this post:

Enhancing enterprise deployments on Kubernetes

The number of Kubernetes workloads in production continues to rise across public, hybrid, and private cloud implementations. This is why, at IBM, mission-critical production workloads for Watson and Blockchain platforms run on the publicly managed IBM Cloud Kubernetes Service. Building upon that foundation, IBM has recently announced several services to enhance enterprise deployments on Kubernetes, easing the burden around security and infrastructure management.

These announcements strengthen IBM’s strategy to help clients rapidly drive cloud adoption across multiple cloud environments, highlighted by recent multicloud offerings and the pending acquisition of Red Hat. In the same vein, the IBM Cloud Kubernetes Service helps developers manage containerized applications with interoperable tools and portability.

In the run up to KubeCon, we announced new capabilities to ease Kubernetes operations and improve security across multiple cloud architectures.

Operations: Automated and secure

Increasing availability, reducing outages, and scaling to app demands are made possible with managed HA masters for all IBM Cloud Kubernetes Service clusters on IBM Cloud.  Further scaling of storage and compute resources are extended with the new additions of IBM Cloud Databases now for Elasticsearch, etcd, and RabbitMQ. These new features are backed up by the resiliency of IBM’s data centers and multi-zone regions, which continue to expand to new locations around the world to provide the highest availability of workloads and geographical reach for developers.

With IBM Cloud DevOps Insights, software teams can now leverage advanced analytics to derive insights about their DevOps process with data mined from their toolchain, including IBM, third-party, and open-source tools. With this industry first, you can aggregate, test, build, and deploy application data into a single dashboard to automate policies, speed reviews, analyze risk, and improve how teams code together.

Keeping security at the forefront, IBM announces the IBM Cloud Security Advisor, a dashboard to enable centralized security management. Security Advisor analyzes vulnerabilities and network data plus application and system findings from IBM Services, partners, and user-defined sources. By centralizing security and enabling drill down to resolution, Security Advisor empowers an organization’s security admin to manage security on IBM Cloud, including information from cutting-edge container security partners like NeuVector.

Because workloads have a range of compliances to adhere to across highly regulated industries, the IBM Cloud Kubernetes Service implemented regulation controls for the Health Insurance Portability and Accountability Act (HIPAA), ISO, SOC1, and SOC2 requirements. Now, governed industries and sensitive workloads can stay compliant, regardless of the deployment model, with the ease of a unifying architecture.

Services to help organizations that work with sensitive data or in highly regulated industries

IBM also announced the following services to help organizations that work with sensitive data or in highly regulated industries.

  • Runtime Memory Encryption: IBM Data Shield enables users to run containerized applications in a secure enclave on IBM Cloud Kubernetes Service worker nodes. It can encrypt data in use anytime a user has a sensitive workload that requires runtime encryption and provide detailed visibility into the node security attributes to ensure compliance. IBM Cloud Data Shield is powered by the Fortanix Runtime Encryption platform, Intel ® SGX technology, and includes secure enclave enabled containers for MySQL, NGINX, and Vault.
  • Database-as-a-Service for sensitive data: IBM is announcing the beta of Hyper Protect DBaaS, which provides industry-leading data confidentiality that allows data owners to have complete control over their data by preventing cloud operator access, and is backed by unparalleled vertical scale and performance. This service allows customers to provision and manage highly secure, high-volume databases (PostgreSQL and MongoDB EE) on IBM Cloud without the need for specialized database skills through standard APIs to provision, manage, maintain, and monitor multiple database types.

Check us out at KubeCon

To learn more about how IBM Cloud Kubernetes Services is enabling enterprise deployments securely and easily across multiple cloud environments, see what we’re doing at KubeCon this week.

 

Program Director, Offering Management, IBM Kubernetes Service & IBM Container Registry

More Compute Services stories
May 7, 2019

We’ve Moved! The IBM Cloud Blog Has a New URL

In an effort better integrate the IBM Cloud Blog with the IBM Cloud web experience, we have migrated the blog to a new URL: www.ibm.com/cloud/blog.

Continue reading

May 6, 2019

Use IBM Cloud Certificate Manager to Obtain Let’s Encrypt TLS Certificates for Your Public Domains

IBM Cloud Certificate Manager now lets you obtain TLS certificates signed by Let’s Encrypt. Let’s Encrypt is an automated, ACME-protocol-based CA that issues free certificates valid for 90 days.

Continue reading

May 6, 2019

Are You Ready for SAP S/4HANA Running on Cloud?

Our clients tell us SAP applications are central to their success and strategy for cloud, with a deadline to refresh the business processes and move to SAP S/4HANA by 2025. Now is the time to assess, plan and execute the journey to cloud and SAP S/4HANA

Continue reading