Virtualization Technology News and Information
Article
RSS
NeuVector 2019 Predictions: Container Solutions Consolidate, Security Shifts Left (Then Right), and Cloud 2.0 Arrives

Industry executives and experts share their predictions for 2019.  Read them in this 11th annual VMblog.com series exclusive.

Contributed by Fei Huang, CEO, NeuVector

Container Solutions Consolidate, Security Shifts Left (Then Right), and Cloud 2.0 Arrives

Before I share my thoughts about 2019, here's a quick review of last year's predictions. First, I predicted that enterprises would migrate to containers in production - first at the edge, and cautiously. This has, in fact, happened in 2018! Container production deployments have more than doubled, driven by the maturity of container platforms like Kubernetes, OpenShift, Docker EE, etc. We're seeing customers growing their Kubernetes production deployments to encompass thousands of virtual/physical servers.

I also forecast that automated CI/CD pipelines will continue to require many manual steps. 

Advances in this area have actually been quite rapid, as we see companies with full DevSecOps and DevOpsSec automation. Yes, they do a lot of customization and scripting to connect all the tools together, but it really works as expected. 

I believed that serverless computing would remain just hype throughout 2018, and largely impractical for the enterprise. While we might start seeing serverless computing in production in some specific use cases, I believe it's generally still a bit further away - and Gartner agrees.

I predicted that hackers would continue to run free, terrorizing enterprises and consumers. Data breaches are indeed heating up again and new attacks are coming to container world. Cathay Pacific Airways recently suffered the biggest ever airline data breach when migrating to cloud and container solutions. Docker Hub had to remove malicious containers from its public repository. Cryptomining containers were found in Tesla's public cloud. The security risks of container infrastructure are now well recognized, thanks to these lessons learned. 

I surmised that Kubernetes would reign supreme, dominating all orchestration tools. This has certainly come true already. Almost all container platforms have selected Kubernetes for their container management system, including Docker, Rancher, Pivotal, Mesos, Amazon, Azure, IBM, Alibaba Cloud, Oracle, etc. This standardization has been a benefit to upper layer solutions, such as security and storage. Customers are also convinced they can safely go into production, with far fewer worries about vendor lock-in.

Finally, I predicted that the first multi-cloud container deployments would go into production this year. It is certainly the case that companies are using different clouds together, or hybrid cloud infrastructures. Containerization has spurred this forward, while offering enterprises a simpler and superior path in their cloud migrations.

Looking forward to what will be an interesting year ahead, I predict that these four things will (probably) happen in 2019:

1. Container solutions will begin to consolidate.

IBM's acquisition of Red Hat is an indication that containers and Kubernetes will play a critical role in enterprise workload management going forward. IBM made a big bet for the future. This should accelerate the speed at which containerization matures - meaning that hundreds or thousands of large enterprises will have a solid path to migrate to cloud services either in private, public or hybrid clouds. Customers' applications and data will continue to be essential, while infrastructure will be based, to a greater degree, on interchangeable platform services. This will also trigger more consolidation and integration of solutions around the ecosystem, such as container security solutions, virtual network solutions, and virtual storage solutions.

2. Security will go deep with service mesh.

As new attack vectors arise, additional layers of virtualization are bypassing tradition security methods - especially in the areas of network and host security. Hackers are leveraging new technologies such as Kubernetes and container APIs, and security solutions need to react instantly and feature automated intelligence. The addition of security mesh within service mesh will provide strong inline protection, with advantageous knowledge of application context. 

3. Security will shift left, and then right.

With more and more containers deployed in production, a greater number of enterprises are realizing that all the scanning and host security precautions still leave them vulnerable and blind to zero-day attacks. Whereas in the past, security measures may have been added to container environments late in the development process (and only as an afterthought), security is now "shifting left" to more effective implement measures from the start of development. At the same time, enterprises are now utilizing container environments in production, necessitating a "shift right" as well. For example, at NeuVector we've designed our Kubernetes security platform to secure container environments throughout the full build-ship-run lifecycle, in recognition of this need.

4. Cloud 2.0 is coming.

Combined with new technologies like containerization, serverless computing, service mesh, security mesh, hyperscale and cross cluster management, etc., I think Cloud 2.0 is coming our way. Future cloud infrastructure need not be limited to be VM-centric; instead, it will become more and more service and data-driven. Kubernetes offers a strong opportunity to make this shift a reality. The goal is for all cloud functions and features to be enabled to serve business needs directly and instantly, whether it's security, storage, networking, etc.

##

About the Author

 

Fei Huang is CEO at NeuVector, a Kubernetes security company that uses behavioral learning and firewall technology to secure containers during run-time. Fei has more than 20 years of experience in enterprise security, virtualization, cloud and embedded software. He was part of the founding team of Cloudvolumes (acquired by VMware) and cofounder of Provilla, a DLP security company (acquired by TrendMicro). Fei holds several patents in security, virtualization and software architecture.
Published Thursday, December 06, 2018 7:42 AM by David Marshall
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<December 2018>
SuMoTuWeThFrSa
2526272829301
2345678
9101112131415
16171819202122
23242526272829
303112345