Cloud
September 9, 2021 By Chris Rosen 5 min read

Business is moving to container infrastructures, which has created just as many new challenges as it has opportunities.

This tutorial will guide you through deploying NeuVector on IBM Cloud and leveraging that solution within your Red Hat OpenShift on IBM Cloud cluster. Let’s dive in!

IBM and Neuvector

IBM partnered with NeuVector to bring their full lifecycle container security — from CI/CD pipeline to production — to the IBM Cloud catalog:

NeuVector enables enterprises to secure container and Kubernetes environments throughout the full application lifecycle. Deployed as a container firewall, NeuVector delivers the defense-in-depth capabilities to defeat even zero-day attacks and threats with unknown origin. Through behavioral learning, Security-as-Code and continually added capabilities like compliance templates and serverless security, NeuVector identifies vulnerabilities and abnormal behavior to neutralize all threats while automating security throughout the CI/CD pipeline and at run-time. NeuVector’s Kubernetes-native, end-to-end container security solution is now available to IBM Cloud customers through the IBM Cloud Catalog.

NeuVector protects production workloads and hosts

Detects and prevents

  • Vulnerability exploits
  • Zero-day attacks
  • Embedded malware
  • Insider, phishing attacks

Learns, allowlists and blocks

  • Unauthorized network connections
  • Unauthorized processes
  • Unauthorized file access

Deploying your NeuVector instance in IBM Cloud

  1. Log into IBM Cloud.
  2. Navigate to the Catalog and search for NeuVector, clicking on their tile.
  3. You can select a Lite instance (which will provide a free trial for 14 days applicable to 10 nodes) or a Standard Subscription (which provides full run-time security and optionally multi-cluster management). Provide the desired name for this instance. Click Create to proceed:

Using NeuVector with IBM Cloud Kubernetes Service

When deploying NeuVector to IBM Cloud Kubernetes Service, follow the instructions on the landing page that appears once the NeuVector instance is created:

Using NeuVector with Red Hat OpenShift on IBM Cloud

  1. When deploying NeuVector to the Managed OpenShift Service, follow the instructions linked lower in the instance landing page.
  2. We’ll use the OpenShift Operator model:
  3. Create the NeuVector project: 
    oc new-project neuvector
  4. Back on the NeuVector instance landing page, download the Kubernetes secret manifest and apply that configuration:
  5. Now go back to the NeuVector docs page and run the following from the CLI once you are authenticated to the correct server: 
    oc login -u system:admin

oc -n neuvector adm policy add-scc-to-user privileged -z default
  6. From the IBM Cloud console, navigate to the OpenShift cluster that you have been working on and open the OpenShift console:
  7. Expand Operators > OperatorHub and search for NeuVector. The community version of the operator will use the latest and greatest from NeuVector (i.e., 4.3.0), whereas the certified operator may use an older version (i.e., 4.2.1):
  8. We’ll use the certified operator to install the latest. The instruction page includes the same prerequisite steps for installing the operator to your Red Hat OpenShift on IBM Cloud cluster. Click Install after verifying the cluster’s readiness:
  9. Ensure that you specify the neuvector namespace for installation and then click Install. After completion, select View Operator:
  10. On the Details tab, select Create instance:
  11. Update the name of the deployment, if desired. Click Create:
  12. Navigate to Workloads > Pods to validate the NeuVector pods are running:
  13. Alternatively, check the pod status from the CLI with oc get pods -n neuvector:
  14. Check the health under Networking > Services:
  15. Then view the NeuVector web UI under Networking > Routes. Click on the link under Location:

Configuring NeuVector

  1. Regardless of whether you are using the Kubernetes or OpenShift service, bring up the NeuVector console — logging in with the default admin username and password. Accept the EULA to continue:
  2. The first thing I like to do is change the default password under My Profile to something more secure:
  3. Once logged back in (and feeling more secure), grab the license key from the IBM Cloud NeuVector instance page and update the NeuVector console:

Next time, we’ll dig more into the NeuVector console and capabilities, but if you are as excited as I am, then check out the docs now.

Join the conversation

If you have questions or concerns, engage our team via Slack. You can register here and join the discussion in the #general channel on https://ibm-cloud-success.slack.com/.

Was this article helpful?
YesNo
Chris Rosen
Program Director, Offering Management

More from Cloud
July 16, 2024

How a US bank modernized its mainframe applications with IBM Consulting and Microsoft Azure

9 min read - As organizations strive to stay ahead of the curve in today's fast-paced digital landscape, mainframe application modernization has emerged as a critical component of any digital transformation strategy. In this blog, we'll discuss the example of a US bank which embarked on a journey to modernize its mainframe applications. This strategic project has helped it to transform into a more modern, flexible and agile business. In looking at the ways in which it approached the problem, you’ll gain insights into…

July 16, 2024

The power of the mainframe and cloud-native applications 

4 min read - Mainframe modernization refers to the process of transforming legacy mainframe systems, applications and infrastructure to align with modern technology and business standards. This process unlocks the power of mainframe systems, enabling organizations to use their existing investments in mainframe technology and capitalize on the benefits of modernization. By modernizing mainframe systems, organizations can improve agility, increase efficiency, reduce costs, and enhance customer experience.  Mainframe modernization empowers organizations to harness the latest technologies and tools, such as cloud computing, artificial intelligence,…

July 16, 2024

Modernize your mainframe applications with Azure

4 min read - Mainframes continue to play a vital role in many businesses' core operations. According to new research from IBM's Institute for Business Value, a significant 7 out of 10 IT executives believe that mainframe-based applications are crucial to their business and technology strategies. However, the rapid pace of digital transformation is forcing companies to modernize across their IT landscape, and as the pace of innovation continuously accelerates, organizations must react and adapt to these changes or risk being left behind. Mainframe…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters