Prisma Cloud Supports Azure Linux Container Host for AKS

May 24, 2023
6 minutes
... views

Prisma Cloud helps accelerate time-to-market securely with our support for Azure Linux container host for Azure Kubernetes Service (AKS).

In our report on The State of Cloud-Native Security (2023), cloud practitioners reported technical complexity as the top-ranked cloud-native security concern, which they experienced as impeding their cloud security. With attacks on software supply chains on the rise and the complexity of software dependencies making cloud security more challenging than ever, now is the time to adopt a container-optimized host operating system to simplify and accelerate your workload security.

With container-security optimization and acceleration in mind, Prisma Cloud by Palo Alto Networks is delighted to announce our support for container-optimized Azure Linux by Microsoft. Azure Linux is an open-source container host created by Microsoft and optimized for Azure Kubernetes Service (AKS). It delivers simplified and enhanced Kubernetes container security for those customers who require high-level confidence in the hosts running their container workloads.

Fully supported by Prisma Cloud at launch, Azure Linux container host for AKS has been designed to be lightweight in operations, so it includes only the essential packages necessary for container workloads. This results in accelerated uptime and also improved stability for customers using AKS. With Microsoft sourcing and verifying each package running with Azure Linux container host on AKS, customers can count on enhanced container operations with dependable components.

Jim Perrin, Principal Program Manager, Microsoft Azure Linux said, “With Microsoft Azure Linux, customers see benefit from the value of having a secure, performant, and fully-native Azure Kubernetes Service (AKS) container host. Microsoft controls the supply chain for Azure Linux end to end, resulting in a more streamlined image tailored and optimized for AKS. Azure Linux provides a consistent Kubernetes experience throughout the developer and production lifecycle coupled with the level of support you expect from Microsoft.”

Prisma Cloud Seamlessly Supports Azure Linux Container Host for Azure Kubernetes Service

Prisma Cloud offers code-to-cloud security for Azure resources and assets, including container security with Azure Linux container host for AKS.
Prisma Cloud offers code-to-cloud security for Azure resources and assets, including container security with Azure Linux container host for AKS.

Our support of Azure Linux brings together cloud-native security capabilities from Prisma Cloud with reliable Azure Linux as a container host for Azure Kubernetes Service (AKS).

This purpose-built Azure Linux container host uses a native AKS image to provide a single place for cloud teams to do all development, simplifying your security and operations. Container security is improved because the Microsoft-optimized operating system has specifically been designed with a smaller image size — so the container host is high-performing and simplified with only the necessary set of packages needed to run container workloads.

The result for customers is a reduced attack surface and helpful elimination of time-consuming patching and maintenance that’s no longer needed due to the removal of unnecessary packages.

Customers can look forward to the following benefits when they adopt Azure Linux:

  • Optimized and validated to run in Azure
  • Harden supply chain security (through a standard Linux distribution)
  • Small and lean host OS for reduced attack surface (less dependencies)
  • Improved operational consistency

Since Prisma Cloud already protects workloads on Azure Kubernetes Service (AKS), any workload migrations to optimized Azure Linux is seamless for Prisma Cloud customers. Use Azure Linux container host for AKS with Prisma Cloud to enhance your Kubernetes security with additional consistency and reliability in Azure.

Immediate Prisma Cloud Protections for Azure Kubernetes Service (AKS)

Prisma Cloud by Palo Alto Networks helps you stay both secure and competitive by getting immediate adoption availability of the latest Microsoft Azure features, including support for newly released Azure Linux container-host for AKS. Prisma Cloud provides a “paved path” for customers to adopt comprehensive full-lifecycle visibility and full-stack security for Kubernetes deployments on AKS. Prisma Cloud security and operational benefits in Azure include:

  • Visibility & Control: Gain cluster visibility and control over every deployment with complete assessments and risk posture scores of all your clusters, components, nodes, and containers — all within a single pane of glass and with real-time stream processing of Kubernetes events.
  • Integrated CI/CD Scanning: Integrate automated vulnerability and compliance scanning — with enforcement capabilities — directly into CI/CD workflows for faster, secure, and scaled operations.
  • Policy & Enforcement: Set simple rules to govern DevOps workflows and implement your policies through DevOps plugins, registry integrations, image trust, or third-party schemes like Open Policy Agent (OPA) to stop admission of vulnerable Kubernetes objects and privileged pods.
  • Automated Threat Detection: Automate incident detection and prevention based on model and threat indicators with continuous forensics for every container, cluster node and host in your environment.
  • Web Application and API Security (WAAS): Support for OWASP Top-10 protection, app-layer denial-of-service (DoS), API protection, bot risk management, and more.
  • Compliance: Implement the Kubernetes CIS Benchmarks anywhere you run Kubernetes with Prisma Cloud and 100+ built-in, customizable security policies covering configurations, communications, and more to ensure you’re always compliant for any version of Kubernetes you run.
Prisma Cloud comprehensive cloud-native protections in Microsoft Azure environments.
Prisma Cloud comprehensive cloud-native protections in Microsoft Azure environments.

Prisma Cloud is Better Together with Microsoft Azure and AKS

Prisma Cloud, together with Azure, can provide a comprehensive solution to secure and defend your Kubernetes environment against vulnerabilities and active threats. Our combined cloud security offerings give customers the broadest application protections and compliance coverage for containers, and full-lifecycle visibility and control. Prisma Cloud is also natively integrated into developer toolkits to further accelerate operations and secure cloud adoption.

When you choose and adopt Prisma Cloud, together with Azure, you are choosing Palo Alto Networks as a dedicated partner with a deep commitment to immediately support new Azure services. As Jim Perrin reiterated regarding the Microsoft and Palo Alto Networks partnership, “Our collaboration with Prisma Cloud and Palo Alto Networks has provided invaluable feedback and enabled us to deliver Azure Linux to meet our mutual customers’ needs. We look forward to the continued partnership as we bring new enhancements to Azure Linux in the future.”

Learn More

Whether you’re new to containers or a cloud-native veteran, The Definitive Guide to Container Security is your essential resource for understanding, implementing and mastering security in a containerized environment. With in-depth insights and practical advice, this book-length guide empowers developers, DevOps, cloud teams and security professionals to effectively protect their cloud-native applications.

And to learn more about the comprehensive Prisma Cloud security platform and its many benefits in your Azure environment, download our Prisma Cloud for Azure Datasheet.

 


Subscribe to Cloud Native Security Blogs!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.