NeuVector Brings Network Security Capabilities to Container Workloads

Multiple security vendors demonstrated their offerings during DockerCon 18, which ran June 12-15 in San Francisco, among them being container security firm NeuVector.

In a video interview with eWEEK, Fei Huang CEO and co-founder of NeuVector, explains what drew him to container security and why networking security controls are needed. 

Huang is no stranger to the world of security startups. He was co-founder of digital loss prevention (DLP) vendor Provilla, which Trend Micro acquired in 2007. He also was part of the founding team of CloudVolumes, which VMware acquired in 2014. With NeuVector, which officially launched in January 2017 and has raised a total of $9 million in venture funding, Huang is looking to bring the lessons learned from his past security experiences to the nascent world of containers.

NeuVector's platform provides a container firewall that can filter application layer traffic to help identify anomalous behavior and traffic.

Huang said containers are all about application server workloads. From a security visibility perspective, it's not possible to see the application container traffic activity from a traditional network gateway, he said. For container security to work, the controls have to be at the application layer (layer 7) with close proximity to the container environment. NeuVector's technology looks at traffic within a data center (known as East-West traffic) and also performs an analysis on the container metadata.

"The beauty of containers is that they have a lot of metadata that we can leverage," Huang said.


The Kubernetes container orchestration platform in particular has multiple security capabilities including Role Based Access Control (RBAC) and pod security policies that can be used to segment and encrypt container application traffic. Huang said NeuVector goes beyond what is provided by Kubernetes as a platform for running container workloads.

NeuVector looks at containers specifically from a security angle—for example, what happens if a distributed denial of service (DDoS) or cryptojacking attack hits a container workload, he said. While there have been no publicly reported DDoS attacks against container workloads, Huang said that his company has already seen and blocked DDoS attacks in customer environments.

Watch the full video interview with Huang above.

Sean Michael Kerner is a senior editor at eWEEK and Follow him on Twitter @TechJournalist.