Spectro Cloud strengthens Kubernetes security at the network edge


Spectro Cloud has updated its Edge Platform range with the option to include a distribution of Kubernetes optimized for the network edge.

The latest version also adds tamper-resistant security features for immutable Kubernetes deployments at the edge, along with other tools to ensure security. At the heart of this capability is Kairos, an open-source project started by Spectro Cloud that makes it possible to create immutable, bootable images for Kubernetes operating systems and distributions.

According to Tenry Fu, CEO of Spectro Cloud, Palette eXtended Kubernetes Edge (PXK-E) provides IT teams with a hardened distribution of Kubernetes managed through the same centralized control plane that Spectro Cloud uses to manage Kubernetes instances on-premises or in the cloud uses. Once PXK-E is deployed, it creates an immutable, read-only and unmodifiable instance of the platform, he says.

IT teams can still use any preferred distribution of Kubernetes at the edge in collaboration with Palette, but there is a need for PXK-E. The more Kubernetes clusters deployed in remote, unmonitored locations, the greater the risk that a variety of potential threat actors could physically access them, Fu notes.

The Spectro Cloud dashboard also makes it possible to track the status of important events, along with the ability to filter, tag, and drill down on clusters by location, status, or other attributes. For example, IT teams can create workflows to tier deployment of cluster updates by location. IT teams can also onboard a cluster to a network through the Palette Edge UI, an open application programming interface (API) known as the Spectro Cloud Terraform Provider, or by scanning a QR code.

It’s not yet clear how fast Kubernetes clusters will be deployed at the network edge. However, as more data is processed and analyzed where it is created and consumed, interest in using Kubernetes as the foundation for edge computing has increased. The challenge is that managing Kubernetes is challenging because there is no platform that simplifies both deployments and ongoing updates.

A recent survey commissioned by Spectro Cloud found that 86% of respondents state that Kubernetes challenges are growing exponentially. IT teams tasked with remotely managing fleets of Kubernetes clusters deployed at the network edge may face a particular challenge.

No matter how many Kubernetes clusters are deployed at the network edge, securing these platforms is a high priority. Each of these platforms is likely to process sensitive data and is also a potential target for malware to laterally move through should a Kubernetes cluster be compromised. It’s only a matter of time before security and compliance teams start asking challenging questions about how to achieve and maintain the integrity of these Kubernetes instances.

The goal, as always, is to seamlessly integrate security and IT operations in a way that not only reduces friction, but also curbs the overall cost of deploying and managing Kubernetes clusters at the edge.


Comments are closed.