Развертывание контейнерных приложений
Strengthen containerized application security by integrating high assurance nShield hardware security modules
The adoption of container technology continues to intensify. In fact, Gartner predicts that more than 75% of organizations will use containerized applications by 2022.
As with traditional development environments, when containerized applications incorporate the use of encryption to protect sensitive data and systems, the underlying encryption keys must be secured. The use of hardware security modules (HSMs) to safeguard cryptographic keys is not only a recognized best practice but is often required by compliance mandates.
The use of HSMs can strengthen the security of containerized applications, however:
- Developers working with containerized applications may not be familiar with the complexities of integrating high-assurance hardware security modules (HSMs).
- Development and release cycles are fast-paced, often with limited time between staging and production.
The Entrust nShield Container Option Pack makes it easy to build HSM support into containerized solutions and provides a template deployment model that allows you to focus on your application instead of the HSM integration. The solution provides easy access to a flexible and scalable containerized architecture that works with an existing nShield HSM and Security World environment. nShield Container Option Pack:
- Provides access to high-assurance nShield HSMs for cryptographic material from the container environment
- Enables the straightforward and secure integration of nShield HSMs via standard interfaces to containerized applications
- Enables certified nShield HSMs to operate seamlessly within a containerized environment
- Allows developers to leverage the dynamic deployment, scalability and orchestration benefits of the platform
- Enhances the security of your containerized deployments in conjunction with an Entrust nShield HSM, for dynamic application scalability and maximum HSM utilization
- Provides a well architected containerized deployment model with associated scripts for creating application container images
- Supports a variety of Linux platform base templates
- Is compatible with nShield as a Service offering for cloud-only development and deployment
The Entrust nShield Container option Pack enables certified Entrust nShield HSMs to operate seamlessly within a containerized environment, allowing developers to leverage the dynamic deployment, scalability and orchestration benefits of the platform while benefiting from access to high-assurance HSMs for processing sensitive data and key material.
nShield as a Service is a subscription-based solution for generating, accessing and protecting cryptographic key material, using dedicated FIPS 140-2 Level 3 certified nShield Connect HSMs.
Entrust nShield Connect HSMs are certified, networked appliances that deliver cryptographic key services to applications distributed across servers and virtual machines.