Virtualization Technology News and Information
Weaveworks Introduces New Security Capabilities in Weave Net 1.7

Weaveworks, the makers of Weave networking, monitoring and management for containers and microservices, today announced Weave Net 1.7, introducing new security capabilities and integrating with network security policies in Kubernetes 1.4. Weave Net 1.7 enables customers to automatically firewall microservices, reducing the attack surface, and meeting security and compliance objectives like PCI. Weave Net 1.7 can also be used to secure Kubernetes itself from insider attacks. 

“Kubernetes continues to get more powerful and easier to deploy with version 1.4,” said Mathew Lodge, COO, Weaveworks. “With Weave Net 1.7, it also becomes easier to deploy hardened production applications that maintain compliance with stringent network security policies. Fine-grained security controls, fully integrated with Kubernetes and automatically updated, are just one more way that Weave Net provides ‘invisible infrastructure’ for containers and microservices.”

The ability to secure and firewall microservices

Weave Net implements a “micro SDN”, providing containerized applications with a simple network and full service discovery, requiring zero configuration or coding, and with no external dependencies. Its unique Internet-style approach provides a network of cooperating, independent Weave routers that avoid any dependency on central databases or cluster stores, making it the best solution for production container networks. Weave Net is simple to integrate with uncontained systems and services, and has full support for multicast on any network, including public clouds.

Weave Net 1.7 is available as a Kubernetes CNI (Container Network Interface) plug-in, a Docker networking plug-in, and stand-alone. Its latest features include:

  • Security: Customers can now define firewall policies to filter traffic between microservices and containers, including at the Kubernetes namespace and pod level. Customers using Kubernetes and Weave Net now have fine-grained controls for security that are tied to service definitions in Kubernetes rather than isolated subnets.
  • Production-ready: Unlike all other Kubernetes CNI plugins, Weave Net does not have any external dependencies on databases. This makes Weave Net uniquely simple to set up, maintain and operate.
  • Portability: Since Weave Net provides a “Micro SDN” for Kubernetes clusters, applications are 100% portable across development, test and production environments running on laptops, data centers and public clouds.
  • One network across data centers and cloud: By creating a simple, flat, virtual container network with no centralized database, Weave Net can be used to build hybrid cloud container deployments where applications span private data centers and public clouds. Each container does not need to know where it is running, and there is no need to pass database connections through corporate firewalls.

A leading open source project and the most popular Docker container networking solution, Weave Net is used by organizations ranging from PaaS providers such as Docker Cloud and Cloud 66 to financial services companies such as JP Morgan Chase and International Securities Exchange.

For additional information on Weaveworks and its line of open source networking and monitoring solutions for containers and microservices, please visit

Published Tuesday, September 27, 2016 3:42 PM by David Marshall
Filed under: ,
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<September 2016>