The Cloudvisory Security Platform (CSP) provides near-real-time visibility into the complete history of network flows to, from, and between Kubernetes Pods and Containers. CSP delivers Cloud-Native Security on Kubernetes through integrations with Kubernetes APIs and NetworkPlugins.
CSP collects network flow data from a Node-level agent, meaning that – regardless of how many Pods and Containers run on a given Node – Cloudvisory's lightweight flow collection agent runs on each Kubernetes Node as a Kubernetes DaemonSet in each Kubernetes Cluster monitored by CSP.
The lightweight flow collection agent integrates with any Kubernetes NetworkPlugin that supports Kubernetes NetworkPolicies. Cloudvisory has found Calico plugin (calico-cni) to be the most common NetworkPlugin for large Kubernetes clusters.
CSP automatically discovers all resources within a given Kubernetes cluster and adds contextual data to reported network flow information by matching Kubernetes network flows to the IP address of the associated Kubernetes Pod. CSP Users visualize ingress and egress network flows for Kubernetes resources, providing a clear visual mapping of observed network flows across Kubernetes Clusters, Namespaces, Pods, and Containers.
CSP can also compare observed network flows to configured Network Policies for Kubernetes resources, providing configurable alerting and/or remediation for policy violations.