
CC Containers As A Service

Containers as a Service (CaaS) allows users to manage containers, applications, and collections through virtualization tools, APIs, or web portals. CaaS helps create secure applications using local or cloud data centers. There are two types of containers - stateless containers that don't persist data and are used for applications like web servers, and stateful containers that persist data and are used for databases and message queues. CaaS provides benefits like less overhead, increased portability, consistent operations, and better application development. Container security must be integrated throughout the software development lifecycle to secure images, registries, deployments, runtimes, and secrets. Monitoring as a Service (MaaS) provides centralized security

Uploaded by

Tushar Mirche
Copyright: © All Rights Reserved

Containers as a Service

• Containers as a service (CaaS) is a cloud service model that allows
users to upload, edit, start, stop, rate and otherwise manage
containers, applications and collections.
• It enables these processes through tool-based virtualization, a
programming interface (API) or a web portal interface.
• CaaS helps users create rich, secure and fragmented applications
through local or cloud data centres.
• Containers and collections are used as a service with this model and
are installed in the cloud or in on-site data centres.
• CaaS helps development teams deploy and manage systems
efficiently while providing more control over containers.
Types of Containers in Docker

• Stateless Containers: These types of containers do not persist data,
i.e., their data is deleted as soon as they are stopped. These
containers are typically used to run stateless applications such as web
servers, reverse proxies, and load balancers.
• Stateful Containers: These types of containers persist data and are
typically used to run stateful applications such as databases, message
queues, and file servers. The data stored inside the container is
persistent even if the container is stopped or recreated.
• To do this, the containers take advantage of operating system (OS)
level virtualization, in which OS features (in the case of the Linux
kernel, namespaces and cgroups) are used to partition CPU, memory,
and disk access among processes.
Benefits of CaaS
• Less overhead
• Increased portability
• More consistent operation (using DevOps)
• Greater efficiency
• Better application development
Disadvantages of Container as a Service (CaaS)
• Depending on the provider, there are limits to the technology
available.
• Extracting business data from the cloud is dangerous.
Container Security
• Containers need a continuous security strategy integrated into the
entire software development lifecycle (SDLC).
• This means securing the build pipeline, container images, container
host machines, container runtimes (such as Docker), container
platforms and application layers.
• Due to the complexity and dynamic nature of a containerized
environment, container security must be fully automated.
• An important step to automating security and embedding it into all
stages of the SDLC is to implement security controls as part of the
continuous delivery lifecycle used to build and release containerized
applications.
6 Container Security Practices
Securing Images
Containers are created from container images, and inherit all the
elements, good and bad, that exist in those images.

Securing Registries
Many organizations maintain a private container registry.
It is important to apply security controls to the container registry, to
protect images from tampering and ensure the integrity of the
development process.
Securing Deployment
When deploying containers, the most important thing is to ensure the
target environment is secure.
This includes several aspects:
• Hardening the underlying operating system containers run on.
• Setting up virtual private cloud (VPC), security groups, and firewall
rules.
• When using container orchestrators like Kubernetes, restricting API
access using role-based access control (RBAC).
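As an added illustration of the RBAC bullet above (not part of the original slides), the following check reads Kubernetes RBAC objects in JSON form and reports rules that use wildcards and bindings to the built-in `cluster-admin` role. The object names (`ci-deployer`, `pod-reader`, `ci-admin`) and namespaces are constructed sample data, and the two checks are a minimal starting set, not a complete policy.

```python
import json

def audit_rbac(manifests_json):
    """Return (object, reason) for over-broad RBAC roles and bindings."""
    findings = []
    for obj in json.loads(manifests_json):
        kind = obj.get("kind")
        ident = f"{kind}/{obj.get('metadata', {}).get('name', '<unnamed>')}"
        if kind in ("Role", "ClusterRole"):
            # A "*" in any of these fields grants far more than one workload needs.
            for rule in obj.get("rules") or []:
                for field in ("apiGroups", "resources", "verbs"):
                    if "*" in (rule.get(field) or []):
                        findings.append((ident, f"wildcard in {field}"))
        elif kind in ("RoleBinding", "ClusterRoleBinding"):
            # cluster-admin is the built-in superuser role.
            if obj.get("roleRef", {}).get("name") == "cluster-admin":
                for subj in obj.get("subjects") or []:
                    findings.append(
                        (ident, f"cluster-admin bound to {subj.get('kind')} {subj.get('name')}"))
    return findings

# Constructed sample objects (not taken from a real cluster).
SAMPLE_MANIFESTS = json.dumps([
    {"kind": "ClusterRole", "metadata": {"name": "ci-deployer"},
     "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]},
    {"kind": "Role", "metadata": {"name": "pod-reader", "namespace": "shop"},
     "rules": [{"apiGroups": [""], "resources": ["pods"],
                "verbs": ["get", "list", "watch"]}]},
    {"kind": "ClusterRoleBinding", "metadata": {"name": "ci-admin"},
     "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
     "subjects": [{"kind": "ServiceAccount", "name": "default", "namespace": "ci"}]},
])

if __name__ == "__main__":
    for finding in audit_rbac(SAMPLE_MANIFESTS):
        print(*finding, sep=" | ")
```

The namespaced `pod-reader` role, limited to read verbs on pods, produces no finding and is the shape to aim for.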
Securing Runtime
• Threats can arise during normal container operations.
• Even when an organization appropriately protects containers in
earlier stages of development, it must have a strategy for detecting
and mitigating threats at runtime, when containers are running in
production environments.
Managing Secrets
Make sure that secrets (such as access credentials to integrated
systems) are never stored in plaintext within a container.
It is critical to have a system to manage secrets and pass them to
each container every time it is started.
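One way to check the rule above, as an added example that is not part of the original slides: the script audits `docker image inspect` JSON for credentials baked into `Config.Env`, and accepts `*_FILE` variables that point at a secret mounted when the container starts. The image names and values are constructed, and the `/run/secrets/` mount path and `*_FILE` convention are assumptions about how the secret manager delivers secrets.

```python
import json
import re

# Variable names that usually carry credentials.
SENSITIVE_NAME = re.compile(r"PASSWORD|PASSWD|SECRET|TOKEN|API_?KEY|PRIVATE_KEY", re.I)
# scheme://user:password@host values, common in DATABASE_URL-style settings.
URL_WITH_CREDS = re.compile(r"^[a-z][a-z0-9+.-]*://[^/\s:@]+:[^/\s@]+@", re.I)
# Assumption: secrets are mounted at container start under /run/secrets
# and referenced through *_FILE variables.
RUNTIME_SECRET_DIR = "/run/secrets/"

def audit_image_env(inspect_json):
    """Return (image, variable, reason) for each secret baked into Config.Env."""
    findings = []
    for image in json.loads(inspect_json):
        name = (image.get("RepoTags") or [image.get("Id", "<unknown>")])[0]
        for entry in (image.get("Config") or {}).get("Env") or []:
            key, _, value = entry.partition("=")
            if not value:
                continue  # declared without a value: nothing is stored
            if URL_WITH_CREDS.search(value):
                findings.append((name, key, "credentials embedded in URL"))
            elif SENSITIVE_NAME.search(key):
                if key.upper().endswith("_FILE"):
                    if not value.startswith(RUNTIME_SECRET_DIR):
                        findings.append((name, key, "secret file outside /run/secrets"))
                else:
                    findings.append((name, key, "plaintext secret in image config"))
    return findings

# Constructed sample in the shape of `docker image inspect` output (not real images).
SAMPLE_INSPECT = json.dumps([
    {"Id": "sha256:constructed-1", "RepoTags": ["shop/api:1.4"],
     "Config": {"Env": ["PATH=/usr/local/bin:/usr/bin",
                        "DB_PASSWORD=example-not-a-real-password",
                        "DATABASE_URL=postgres://app:example-pw@db.internal:5432/shop"]}},
    {"Id": "sha256:constructed-2", "RepoTags": ["shop/worker:1.4"],
     "Config": {"Env": ["PATH=/usr/local/bin:/usr/bin",
                        "DB_PASSWORD_FILE=/run/secrets/db_password"]}},
])

if __name__ == "__main__":
    for finding in audit_image_env(SAMPLE_INSPECT):
        print(*finding, sep=" | ")
```

Only `shop/api:1.4` is reported; `shop/worker:1.4` carries a path to a runtime-mounted secret rather than the secret itself.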
Adopting Zero Trust Principles
• Zero trust is a security approach that requires verification of every
user and resource, eliminating implicit trust.
• Zero trust policies validate entities for every computing session and
activity.
• A zero trust architecture continually validates every user and asset
connecting to the network, controlling and monitoring access.
Monitoring as a Service (MaaS)
• The rise of cloud computing has increased interest in MaaS.
• A security service called Monitoring as a Service (MaaS) guards the IT assets of
any company, essential for protecting businesses from potential online dangers.
• Monitoring-as-a-Service (MaaS) refers to outsourcing security provisioning,
primarily on commercial platforms that use the Internet to do business.
• MaaS offers a centralized location for tracking an organization’s IT environment
performance, availability, and security.
• MaaS enables organizations to proactively detect and address problems before
they impact daily operations.
• MaaS can be utilized to raise service standards and maximize resources.
• MaaS is frequently offered as a subscription-based service, with pricing
determined by the number of monitors required or the volume of data gathered.
• MaaS providers offer various features and choices tailored to a company’s
requirements.
Benefits of Monitoring as a Service (MaaS)
• Protection Against External and Internal Threats: The security monitoring
services analyze the alerts from security devices 24/7 in real-time.
• Early Detection: The information security team detects and discloses
security threats as soon as they appear. The threats are reported to the
customer via email.
• Dashboard Interface: The dashboard interface is implemented as a
platform, control and service monitoring.
• Log Centralization and Analysis: It is a monitoring solution that involves
correlating and matching log entries. Analyzing this correlation and
matching of log entries sets a benchmark for operational performance
and provides an index of security threats.
• Continuous System Patching/Upgrade and Fortification: The level of
security is enhanced with continuous system patching. System
patching is nothing but enhancing the computer program to fix the
vulnerabilities and bugs in the computer program.
• Intervention, Forensics, and Help Desk Services: The MaaS vendor
has a team of experts with ample knowledge that intervenes
whenever any threat is detected. Whenever a threat is detected, it
requires forensic analysis to determine how much time, cost and
effort it will take to fix it.
• Real-Time Log Monitoring Enables Compliance: Log monitoring is a
process of recording log messages into a file, which helps
developers or administrators understand how the system or
application is being used. Real-time log monitoring helps in quick
detection of errors and failed processes and services.
When to Use Monitoring as a Service (MaaS)?
• Price Sensitive Customers: For small and medium enterprises, MaaS provides a cost-effective pay
per use pricing model. Customers don’t need to make heavy investments in either capital
expenditures (capex) or operating expenditures (opex).
• Cloud-Based SaaS and PaaS offering Add-On: MaaS provides a better technology fit for
monitoring cloud-based SaaS and PaaS offerings. MaaS can be provided as an add-on product
offering along with SaaS and PaaS.
• Distributed Infrastructure Assets: In scenarios where the IT infrastructure assets are distributed
across different locations and branch offices, MaaS is a good option since the monitoring
infrastructure is centralized in the cloud and can easily monitor all distributed infrastructure
assets.
• A mixture of Cloud and On-Premise Infrastructure: MaaS is already in the cloud. Hence in
deployments where the customer has a mix of on-premise and cloud infrastructure, MaaS
provides good monitoring options for the hybrid environment.
• Multitenant Monitoring Requirements: For vendors offering multi-tenant functionality on their
hosted services, MaaS provides a strong backend framework for monitoring the multi-tenant
services and their availability.
• Storage Monitoring: A reliable storage solution in your network ensures
anytime availability of business-critical data. Storage monitoring for SAN,
NAS, and RAID storage devices ensures that your storage solution is
performing at the highest levels.
• Applications Monitoring: Applications Monitoring provides insight into
resource usage, application availability, and critical process usage for
different Windows, Linux, and other open-source operating systems based
applications.
• Cloud Monitoring: Cloud Monitoring for any cloud infrastructure such as
Amazon or Rackspace gives information about resource utilization and
performance in the cloud.
• Virtual Infrastructure Monitoring: Virtual Infrastructure based on common
hypervisors such as ESX, Xen or Hyper-V provides flexibility to the
infrastructure deployment and provides increased reliability against
hardware failures.
Infrastructure Assets that can be Monitored using MaaS
• Servers and Systems Monitoring: Server Monitoring provides insights
into the reliability of the server hardware such as Uptime, CPU,
Memory, and Storage.
• Database Monitoring: Database monitoring on a proactive basis is
necessary to ensure that databases are available for supporting
business processes and functions.
• Network Monitoring: Network availability and network performance
are two critical parameters that determine the successful utilization
of any network – be it a LAN, MAN, or WAN network.
Most Common Types of Cloud Monitoring
Website Monitoring
At their most basic, websites consist of files, stored on a host computer
either owned by a specific organization or the cloud-service provider
and shared with other computers across a network.
When working with websites, cloud server-monitoring focuses on user
experience and availability, as well as the availability of important
resources.
Cloud-based website monitoring tracks website traffic, processes, time
on page, resource usage, and search availability.
Database Monitoring
• Data is an essential part of any modern business, and being able to
quickly find and manage important data in the cloud is an absolute
must.
• Cloud-based database monitoring involves assessing data integrity,
tracking queries, reviewing processes, tracking availability, and
charting cloud-database resource usage.
• Database monitoring not only helps inform updates and upgrades but
also logs and tracks requests for data access, making it a valuable
security tool.
Cloud Storage Monitoring
• Cloud monitoring for cloud-storage applications is capable of tracking
a range of analytes simultaneously.
• Often used in hosting infrastructure as a service (IaaS) and software
as a service (SaaS), cloud storage monitoring charts available storage,
user actions, processes, and various performance metrics.
Virtual Network Monitoring
• Cloud monitoring in virtual networks creates virtual versions of
important network elements, namely firewalls, routers, and load
balancers.
• These software-based elements provide detailed operational
information, available in real time — analyzing the virtual network
and making vital recommendations where needed.
Virtual Machine Monitoring
• Virtual machine monitoring is most commonly used as part of the
IaaS model, often incorporating a virtual server hosting multiple
virtual desktops.
• This form of cloud server monitoring charts traffic and users, along
with the infrastructure and status of every associated virtual machine.
• Virtual machine monitoring not only offers the benefits of cloud-
based monitoring but also fills the role of IT infrastructure monitoring
for virtual desktops.
