1 Introduction
The landscape of software architecture is continuing to be refined and is still evolving. Traditionally, software products and its architecture were primarily monolithic — software in which everything from the UI to the data layer and everything in between was developed into a single platform. Next came Service Oriented Architectures (SOA), in which the SOA's architectural style can be thought of as taking a monolithic system and breaking it down into smaller services that work together over a network. SOA is a collection of loosely coupled services that often rely on middleware or an Enterprise Service Bus (ESB) when deployed to an enterprise infrastructure. Although SOA is considered a refinement in software architecture services, it is still regarded as coarse-grained and heavyweight.
Microservices is a software architectural style that is gaining momentum in IT organizations. Microservices can be considered a variant of the SOA architectural style, where the coarse-grained SOA units can be decomposed into even smaller services. Each microservice is characteristically small and autonomous by using a separation-of-concerns and single-responsibility type of design principles, making microservices fine-grained. Microservices also use lightweight protocols and utilize APIs extensively.
Most microservices application architectures use containers (e.g., Docker) to implement their solution. Containers are units of software that encapsulate a lightweight runtime environment for the application code, making them ideal when using the one microservice per container design principle. Tools are used for automating the deployment, orchestration and management of the many containers used in microservices, by utilizing software tools like Apache Mesos, Kubernetes (a.k.a K8s), or Swarm Mode as examples, although Kubernetes has quickly become the de facto tool of choice in this area.
Security solutions for monolithic and SOA architected products and services are well understood, and Identity & Access Management (IAM) and Web Application Firewalls (WAF) products are well-founded. In contrast, security solutions for containerized environments and their orchestration management tools are less established. These environments have new requirements in which traditional security solutions are no longer adequately suited.
New security solutions must be built for this next generation of software architectures to support their unique environmental needs. The security solution should protect the applications and their data, but it also must provide seamless integration and interoperability with the container management and orchestration platforms where the microservices applications reside. These security solutions must also integrate well into the Continuous Integration/Continuous Deployment (CI/CD) pipelines that facilitate the automation of the software delivery process and accelerate product iterations.
Radware has created a WAF designed to meet the requirements of the Kubernetes environment and the containerized microservices applications it manages. Radware is headquartered in North America with offices globally and specializes in application delivery and cybersecurity solutions. Their Application Protection portfolio includes Web Application Firewalls, Bot Management, API & Mobile Security, and, more recently, Microservices protection.