Container Network Nano-Segmentation

Container Network Nano-Segmentation

Limit the "blast radius" of attacks by limiting container communications to defined nano-segments based on application context. Automatically discover container network topology both within a host and across hosts, and apply context-based firewall rules that alert or prevent unauthorized network connections.

Visualize Network Topology

Automatically discover and visualize containerized application topology, dynamically updated based on actual activity.

Nano-Segment The Network

Segment the container network: Group containers into services regardless of physical location or IP address, establish communication rules within and between services.

Context-Based Container Firewall

Detect and prevent unauthorized network connections based on a hierarchical set of service-oriented firewall rules.

How Aqua Nano-Segmentation Works

Aqua monitors container network activities in runtime, identifies all inbound and outbound network connections to/from other containers, services, IP addresses and public Internet. Nano-segmentation is automatically created based on monitored traffic.
See It in Action ›
The Complete Guide
to Enterprise Container Security
Securosis Analyst Report, Updated for 2018
Download Report
eBook for Security Pros
Five Things Security Pros Need to Know
About Containers