Secure Cloud Native Applications with Lightwave
VMware just announced the introduction of two new Open Source projects, Project Lightwave and Project Photon, both of which are intended to improve scalability and integration between cloud apps and existing enterprise infrastructure.
VMware recognizes that containers, microservices, and DevOps are changing how modern applications are built, deployed, and managed. VMware beliefs that virtual machines and containers are not mutually exclusive, virtual machines and containers are better together. With Pivotal, VMware has been working on containers for several years, and both VMware and Pivotal continue to support open standards in the community.
Project Lightwave is an identity and access management platform that will allow increased control over container-based cloud apps by implementing access control over container-based apps for both developers and customers. Key capabilities in Project Lightwave are centralized identity management and multi-tenant support, key components for service providers and application hosts.
As enterprises begin building more microservices-based applications and using containers to do so, valid security questions start to appear. Businesses building cloud-native applications need to address security and governance from developer desktop to production stack. They require enterprise-grade identity and access management for an increasingly large volume and variety of objects across their hybrid clouds. And the solution to these challenges must support common standards and interoperability for business agility and choice.
To tackle these challenges for enterprises in building, deploying, and managing cloud-native applications., VMware introduces Project Lightwave to address those challenges.
Project Lightwave will be the industry’s first container identity and access management technology that extends enterprise-ready security capabilities to cloud-native applications. The distributed nature of these applications, which can feature complex networks of microservices and hundreds or thousands instances of applications, will require enterprises to maintain the identity and access of all interrelated components and users.
Project Lightwave will add a new layer of container security beyond container isolation by enabling companies to enforce access control and identity management capabilities across the entire infrastructure and application stack, including all stages of the application development lifecycle. In addition, the technology will enable enterprises to manage access control so that only authorized users will be capable of running authorized containers on authorized hosts through integration with a container host runtime such as Project Photon. Features and capabilities will include:
- Centralized Identity Management – Project Lightwave will deliver single sign-on, authentication, and authorization using name and passwords, tokens and certificates to provide enterprises with a single solution for securing cloud-native applications.
- Multi-tenancy – Project Lightwave’s multi-tenancy support will enable an enterprise’s infrastructure to be used by a variety of applications and teams.
- Open Standards Support – Project Lightwave will incorporate multiple open standards such as Kerberos, LDAP v3, SAML, X.509 and WS-Trust, and is designed to interoperate with other standards-based technologies in the data center.
- Enterprise-ready scalability – Project Lightwave is being built with a simple, extensible multi-master replication model allowing horizontal scalability while delivering high performance.
- Certificate authority and key management – Project Lightwave will simplify certificate-based operations and key management across the infrastructure.
Lightwave is an open source project comprised of standards-based, enterprise-grade, identity and access management services targeting critical security, governance, and compliance challenges for cloud-native apps. The project’s code is tested and production-ready having been used in VMware’s solutions to secure distributed environments at scale.
Project Lightwave pairs well with Project Photon, VMware’s lightweight Linux OS optimized for cloud-native applications, to provide an enforcement layer for identity and access management via VMware vSphere and vCloud Air which is also announced today.
Lightwave is open source to encourage collaboration with our customers and partners. Lightwave will be released in the coming months. Until then, check out this video of Lightwave in action.
Project Photon, the second open source project VMware announced today, is a lightweight implementation of the Linux operating system built specifically for running application containers. Targeted primarily at environments running VMware vSphere and VMware vCloud Air, Project Photon is designed to allow users to run both virtual machines and containers natively within a single lightweight environment. Project Photon supports container applications from Docker, rkt, and Garden/Pivotal.
Those in tune with the industry will notice that Project Photon appears to compete directly with Nano Server, recently announced by Microsoft. VMware will likely gain some traction with a product release a year ahead of its competitor, along with the choice to release an open source solution.
As both Project Lightwave and Project Photon are being released as open source projects, customers will be able to test and contribute to the projects. Project Photon is available for download immediately through GitHub. Project Lightwave will be available for download later in 2015.