Software releases outpace automation, authorization is more than just a security tool, Cisco acquires more cloud-native tech and IoT security vulnerabilities to grow as connectivity options expand

11/19/2020 - Jin Woo

The Blue Print recaps the industry’s most intriguing news, unexpected shifts and developing trends that are defining the business and technology landscape. Next week we’ll be on hiatus again with the Thanksgiving Holiday. Our next issue will be the first week of December. 


SDXCentral: Kubernetes Complexity Continues to Challenge Vendor Lock-In Concerns

Kubernetes complexity is forcing end-users to decide if they want to manage their container deployments themselves or rely on established platforms from vendors like VMware and Red Hat, which come with a form of lock in that they are trying to avoid. During an end-user panel discussion at this week’s virtual KubeCon + CloudNativeCon North America 2020 event, that dilemma was presented as one that continues to drag on the Kubernetes ecosystem. This despite the community’s ongoing push to make Kubernetes boring. “Obviously everything can be improved, and I think it’s a never-ending journey to make developers more efficient,” noted Nicolas Chaillan, the chief software officer for the U.S. Air Force. “That being said, you also have to pay attention to vendor lock in … so we don’t end up completely depending on some of these tools, particularly if they’re not open.”

Why It Matters: While Kubernetes is an attractive method for building applications, complexity due to its potential scale and integrations are leading to challenges. While many vendors have stepped up to simplify deployments, some users fear it will lead to dependency on vendor solutions that don’t support open integration. Over the next few years, it’s also anticipated that there will be greater innovation, partnerships and consolidation at the service mesh, which will allow end users to manage different parts of the application using a dedicated layer separate from the application. This should lead to greater flexibility, interoperability and openness. 

Tags: CNCF, KubeCon, Kubernetes


ZDNet: Software accelerating to daily or hourly releases, but automation not keeping pace

The pace of software releases continues to get more frenetic, and we’re getting close to the point where daily releases are almost commonplace. At the same time, IT shops aren’t quite ready to turn the whole process over to automation. That’s the word from the latest survey of 1,324 IT managers and professionals released by the Cloud Native Computing Foundation (CNCF), which finds release cycles have continued to speed up. Surprisingly, however, the use of automation to manage these cycles has slipped significantly.  The percentage of those who release software daily, or even multiple times a day, has increased to 29% from 27% last year, the survey’s authors report. Weekly release cycles are still the most common (26%), but more than half of respondents (55%) release weekly or more frequently.

Why It Matters: While the pace of software releases are increasing, scale, security and complexity are some of the primary reasons that enterprises haven’t broadly embraced automation yet. 

Tags: CNCF, software, application, automation


The New Stack: Open Policy Agent for the Enterprise: Styra’s Declarative Authorization Service

DAS is available in two new editions, DAS Free and DAS Pro editions, along with the pre-existing DAS Enterprise. With these, you get a budget-friendly and fast option to deploy OPA at scale for Kubernetes. With any of the trio, you can now deploy DAS in just minutes and have access to more than 100 built-in policies. These new offerings enable a self-service experience and eliminate the need for learning and custom coding OPA policies for Kubernetes admission control. If you, like me, prefer to see code examples, the policies alone are worth the price of admission.While it’s not quite turnkey — every company has their own policies — it’s close. DAS provides a single control plane for authorization both within applications and for the infrastructure they run upon. With it, you get easy-to-deploy security, compliance and operational guardrails for both Kubernetes and microservices to help customers mitigate risk, reduce errors and accelerate software development.

Why It Matters: Cloud-native authorization-based policy is much more than a complimentary technology to authentication. Policies using OPA enable enterprises to build policy-as-code for security, business and infrastructure that is both decoupled and massively scalable. DAS offers a centralized control plane that eliminates the need for learning and custom coding, provides validation before putting in production to minimize errors and decision logs for compliance. Here is another article in The New Stack that offers more details. (disclosure: Styra is a 280blue client)

Tags: Open Policy Agent, Styra, Declarative Authorization Service 


CRN: Cisco To Buy Banzai Cloud, Boosting Rapidly Emerging Cloud-Native Portfolio

Cisco looked to boost a rapidly expanding portfolio of cloud-native technology developing under its roof Monday with its second deal for an international startup focused on Kubernetes since last month.The agreement to buy Hungary-based Banzai Cloud is expected to close at the end of this quarter for an undisclosed price. Banzai will add to a slate of emerging technologies being nurtured within the networking giant’s Emerging Technologies and Incubation group, the team incubating projects around cloud-native networking, security and edge computing environments for modern distributed applications.

Why It Matters: Cisco is doubling down on cloud-native technologies, this time in the area of security with the Banzai acquisition that follows Portshift. It will be interesting to see how its cloud-native strategy evolves and if this is an acquihire move. 

Tags: Cisco, Banzai, Portshift, Kubernetes, Security


CIO Dive: IT leaders choose hybrid cloud as top transformation action

The COVID-19 pandemic accelerated cloud adoption, and a hybrid model is the “ideal operating model” for 86% percent of respondents, according to a Nutanix survey. IT decision-makers reported deploying hybrid infrastructure as a higher priority for companies, even above improving business continuity and disaster recovery during the pandemic, according to the survey of 3,400 respondents conducted by U.K. researcher Vanson Bourne on behalf of Nutanix. Hybrid cloud may streamline digital transformation for many businesses, but it can also block network visibility as clarity into who manages what becomes blurred, according to the report.

Why It Matters: Any digital transformative company is investing heavily in cloud. The pandemic only accelerated cloud spending to better support remote workers and accelerate the transformation to ensure short and long term success. What’s surprising is that cost is not considered as critical a factor as many are turning to the cloud for more predictable pricing and the ability to quickly scale up and scale down. 

Tags: cloud, pandemic, hybrid cloud


IT-Harvest: Launch of LOCH Technologies (Video)

I have been talking with Garry Drummond, founder of LOCH Technologies for several months. We finally used the news of an upcoming name change and re-launch as a great reason to get together to record the below interview. LOCH is all about radio frequency security, a realm that has expanded well beyond just the various flavors of wifi networking evoked by LOCH’s previous name, 802Secure. The Internet of Things, from cars to drones, to industrial control systems, introduces an even greater need to understand what sort of devices are talking over the airwaves in your environment. Discovering all these devices are the first step in understanding what they are doing, how they are connecting to your networks, what data they may be transmitting, and what risk they pose.

Why It Matters: As connectivity options expands and price points get lower with more variety including 5G, satellite and the auction of spectrum by the FCC, IDC estimates that 41.6 billion IoT devices will generate 79.4 ZB of data by 2025. LOCH is tackling the challenge of preventing vulnerabilities that could lead to security and privacy issues. (Disclosure: LOCH Technologies is a 280blue client)

Tags: IoT, Loch Technologies, security