This customer spotlight features a German government administration organization that successfully adopted SUSE’s NeuVector Prime solution. NeuVector Prime transformed the customer's security approach, allowing it to embrace innovation without compromising safety or compliance. With NeuVector Prime, the company has a full lifecycle container security solution that enables it to fully secure its Kubernetes environment, with just under 90% of its nodes running on NeuVector Prime. The increase in visibility and control enables it to scale its operations confidently while meeting strict security and auditability requirements.
At-a-Glance
The feedback included in this spotlight was collected and verified through a survey of SUSE's customers conducted by UserEvidence, an independent research firm.
Challenges
As the company embraced cloud native tools to boost developer agility, securing its dynamic Kubernetes environments became a critical priority. Facing growing threats such as security breaches, phishing and data loss, the customer required a comprehensive container security solution that could provide full lifecycle protection. In addition, maintaining compliance with strict corporate security and auditability policies was essential, as any gaps in security could result in failed compliance reviews and compromised data integrity. The organization also aimed to shift away from traditional perimeter-based defenses by adopting a Zero Trust approach, ensuring that no unauthorized access could compromise its system. Without addressing these challenges, the customer risked losing visibility into its cluster communications and would be unable to monitor or protect East-West traffic within its network.
"SUSE's NeuVector Prime made addressing security concerns a stroll in the park."
Solution
After evaluating several options, including Sysdig, the company chose NeuVector Prime, largely due to its seamless integration with its existing Kubernetes orchestrator, Rancher Prime. NeuVector Prime provides the full lifecycle container security the company requires, addressing multiple layers of security concerns across the network, container and host. With NeuVector Prime, the company benefits from pipeline vulnerability and compliance scanning of images in both the build phase and registries. It can also automate policy creation through behavioral learning and adaptive enforcement, ensuring smooth auto-scaling of its environments. A layer 7 container firewall protects both East-West and ingress/egress traffic, while admission controls prevent the deployment of vulnerable or unauthorized images. Additionally, it achieved compliance and auditing through CIS security benchmarks, ensuring that corporate policies were met.
Outcomes
Implementing NeuVector Prime transformed how the company approaches security. With 89% of its nodes running on NeuVector Prime, it now has complete visibility into its applications' expected behavior and assurance that unauthorized processes are blocked from traversing even the internal cluster network mesh. The company benefits from peace of mind, knowing its Kubernetes environment is secure from vulnerabilities, and it can now fully embrace cloud native workstreams without the fear of breaches or compliance failures. As the company's IT Manager remarked, “It made addressing security concerns a stroll in the park.”