The latest release of the Runecast platform brought some interesting features that will benefit all IT organizations. We live in an IT world with a lot of “heterogeneity”. We have not only on-prem workloads but now also multi-cloud workloads, with some physical systems, and some virtual platforms with VMs or containers. All those workloads have to run with best practices in mind from a security and compliance perspective, but also from a performance and optimization perspective.
For several years, the Runecast platform continue its evolution by adding new platforms and features as well as getting some good design lift-ups each time. A product that has started as an optimization product for VMware vSphere, is now capable of optimization, security, and compliance of workflows running within Amazon AWS, Azure and Google Cloud Platform (GCP) – NEW.
Runecast is capable to deliver a holistic view that allows you to protect your architecture running within public or private clouds, your cloud-native applications (K8), VMs or Individual Linux Distros or Windows systems at per-OS level. The ultimate goal is to have all your workloads secure and in compliance with the latest security bulletins.
Kubernetes Security Posture Management (KSPM) is a practice of securing the containerized workloads you might have. Runecast 6.2 has now the ability to run image scans from within the software and secure your Kubernetes workloads.
What is the main benefit of Runecast?
IT as such has gone wide and very heterogeneous. When you deploy services, and workflows, and run them in the cloud provider, It is your responsibility to secure them and make your environment compliant. It does not matter which cloud provider you're using, you have to provide end-to-end cloud-native application protection and keep your customer or employee data secure.
Runecast is able to show you what to secure and how within the unified UI. The thing is that there are so many differences between each of those platforms that by yourself you'd have to be an expert in each of those domains and follow the evolutions manually.
Additionally, you have perhaps a lot of on-prem workloads, Operating systems (OS) to secure for your production workloads. It's a “Mission impossible” to handle all this manually. Rhat's where Runecast is able to help you. And this is the real value of the product.
You don't have to waste your time seeking a solution. Runecast will find if and where is your infrastructure vulnerable or wrongly configured, and gives you the solution how to remediate and how to secure it.
Runecast 6.2 New Features
- Container image scanning – Integrate with K8s admission controller to secure your deployment processes or run image scans manually from Runecast Analyzer. Runecast is able to scan both the cluster and node level. Your workloads are secure and free of vulnerabilities from the first pull request.
- GCP support – Best practices, CIS compliance and configuration tracking for your GCP environment
Screenshot from Runecast
- OpenID Connect – You can now login to Runecast Analyzer using your OIDC identity provider
- More security profiles – Added support for DISA STIG for RHEL8 and CIS GCP Foundations
Screenshot from the lab
- Performance and usability improvements – Working with filters is now faster and you can notice other UI enhancements
- Standard update and maintenance of knowledge rules, HCL records, and system packages
Configuration Drift detections
What if you start experiencing problems after a certain period of time and you don't know what you have changed on your infrastructure at a particular date? We can call it configuration drift, I think. This feature compares the differences that are found in scans that were done during different days/hours. This gives you an insight on the changes that has occured on your config between today and the scan that you chose from the past scans.
Within Runecast we have the ability to compare data points, to guard against things like configuration drift. Now we’ve added the ability to compare analysis scans from any point in time, directly within the All Issues View. In this view you could only compare the current scan with the previous one, the two most recent records. Now you’re able to compare your latest scan with any of your previous scans, and drill down to compare your data from today with your data from last year, or before.
Runecast is paving its way into the multi-cloud and multi workloads world. Runecast platform is able to help you to optimize and bring into compliance your workloads that might be running not only on-premises, but also at the 3 major public cloud service providers. A product that ensures you're secured and compliant is a serious help for administrators, DevOps, and secops teams.
Runecast's latest release has new compliance and security standards for vSphere and for Azure, with DISA STIG for vSphere 7 and new NIST profiles for Azure. As you might know, DISA STIG compliance is mandatory for all enterprises who operate on the (Department of Defense) DoD network.
Larger IT organizations can use a single product for the company's security, compliance, best practices, patches, and (or) remediations, for all their multi-cloud and multi-site environment, all this, via a single appliance.
Runecast platform covers not only on-prem environments with vSphere, VSAN, different OS types, Horizon, NSX-T, Kubernetes, but also public and private clouds such as vCloud Director, AWS, or Azure.
Source: Runecast's Blog
Some of our Previous posts about the Runecast platform:
- Manage your Security and Compliance Globally Across Environments and Geo-locations via Runecast Platform
- Runecast 6 and OS-level Support Windows/Linux
- Runecast can help to detect vulnerability in Apache Log4j Java library
- vSphere Upgrades easier now with Runecast
- Track configuration changes in your vSphere Environments with Runecast Configuration Vault Feature
More posts from ESX Virtualization:
- More Patches for VMware – vCenter 7.0U3f and ESXi 7.0U3f
- VMware vCenter Server 7.0 U3e released – another maintenance release fixing vSphere with Tanzu
- VMware vCenter Converter Discontinued – what’s your options?
- How to upgrade VMware VCSA 7 Offline via patch ISO
- vSphere 7.0 U3C Released
- vSphere 7.0 Page[All details about vSphere and related products here]
- VMware vSphere 7.0 Announced – vCenter Server Details
- VMware vSphere 7.0 DRS Improvements – What's New
- How to Patch vCenter Server Appliance (VCSA) – [Guide]
- What is The Difference between VMware vSphere, ESXi and vCenter
- How to Configure VMware High Availability (HA) Cluster