Micro-services & Containers: Operations & Security Nightmare?
With the widespread adoption of containers, micro-services, and multi-cloud application design models, new challenges have arisen in designing and managing these modern applications. Applications are becoming increasingly disaggregated into independent micro-services that interact directly with each other and with external applications using APIs. These micro-services are distributed across multiple clouds and environments, run in different form factors such as containers and serverless functions, and are independently developed by multiple small application teams to obtain high feature velocity.
While development operations are benefiting from increased feature velocity, the new requirements are putting a strain on security operations and production operations. The attack surface of the applications is becoming dispersed, more dynamic, and much larger. Both network-segmentation-based and perimeter-based security solutions are ineffective, or at best insufficient, at stopping application threats. Furthermore, security operations are called out as the bottleneck in the path of agile feature development.
Greater application opacity, coupled with the obfuscation caused by using cloud infrastructure and SaaS services, makes it very hard to ensure that service levels are met. Production operations are juggling the complexity of applications to run services at a specified level. The present-day band-aid approach of starting another cloud instance to deliver the agreed-to performance is neither scalable nor viable.
This situation cannot be sustained for long. There is a need for tools to collaboratively manage and enforce corporate security policies along with application performance policies without inhibiting application development agility.