컨테이너화 된 애플리케이션 배포
Strengthen containerized application security by integrating high assurance nShield hardware security modules
The adoption of container technology continues to intensify. In fact, Gartner predicts that more than 75% of organizations will use containerized applications by 2022.
As with traditional development environments, when containerized applications incorporate the use of encryption to protect sensitive data and systems, the underlying encryption keys must be secured. The use of hardware security modules (HSMs) to safeguard cryptographic keys is not only a recognized best practice but is often required by compliance mandates.
Challenges
The use of HSMs can strengthen the security of containerized applications, however:
- Developers working with containerized applications may not be familiar with the complexities of integrating high-assurance hardware security modules (HSMs).
- Development and release cycles are fast-paced, often with limited time between staging and production.
솔루션
The Entrust nShield Container Option Pack makes it easy to build HSM support into containerized solutions and provides a template deployment model that allows you to focus on your application instead of the HSM integration. The solution provides easy access to a flexible and scalable containerized architecture that works with an existing nShield HSM and Security World environment. nShield Container Option Pack:
- Provides access to high-assurance nShield HSMs for cryptographic material from the container environment
- Enables the straightforward and secure integration of nShield HSMs via standard interfaces to containerized applications
- Enables certified nShield HSMs to operate seamlessly within a containerized environment
- Allows developers to leverage the dynamic deployment, scalability and orchestration benefits of the platform
이점
- Enhances the security of your containerized deployments in conjunction with an Entrust nShield HSM, for dynamic application scalability and maximum HSM utilization
- Provides a well architected containerized deployment model with associated scripts for creating application container images
- Supports a variety of Linux platform base templates
- Is compatible with nShield as a Service offering for cloud-only development and deployment
리소스
The Entrust nShield Container option Pack enables certified Entrust nShield HSMs to operate seamlessly within a containerized environment, allowing developers to leverage the dynamic deployment, scalability and orchestration benefits of the platform while benefiting from access to high-assurance HSMs for processing sensitive data and key material.
nShield as a Service is a subscription-based solution for generating, accessing and protecting cryptographic key material, using dedicated FIPS 140-2 Level 3 certified nShield Connect HSMs.
Entrust nShield Connect HSMs are certified, networked appliances that deliver cryptographic key services to applications distributed across servers and virtual machines.
관련 제품
nShield 컨테이너 옵션 팩
검증된 템플릿 배포 모델을 사용하여 컨테이너식 배포에 HSM 지원을 구축합니다.
nShield as a Service
FIPS 140-2 인증을 받은 전용 nShield Connect HSM이 포함된 암호화 키에 대한 구독 기반 서비스입니다.

nShield Connect
서버와 가상 머신 전체에 분산된 애플리케이션에 암호화 키 서비스를 제공하는 네트워크 장비입니다.