Views:
Red Hat OpenShift is an enterprise Kubernetes platform that provides basic security features including security hardening and FIPS (Federal Information Processing Standard) compliant encryption (FIPS 140-2 Level 1).
Add Container Security to your OpenShift environment to deploy comprehensive protection for OpenShift containers and worker nodes as well as pod and node level visibility and controls.
Note
Note
Container Security supports OpenShift versions 4.12 and later. Learn more.

Container Security protection for OpenShift

Red Hat OpenShift Virtualization allows you to run and deploy virtual machine (VM) workloads alongside containerized applications in OpenShift. This creates a hybrid environment where both containerized applications and traditional VM workloads coexist.
Container Security can protect containerized applications running on container-optimized operating systems commonly used in OpenShift, like CoreOS, with minimal host/OS dependencies.
Container Security can also protect the following in OpenShift containerized applications:
  • Container images
  • Container runtime
  • Worker nodes
Note
Note
OpenShift control plane, host/master node’s OS, and VM workloads are not included in Container Security OpenShift protection.
For complete protection of OpenShift environments, you might need to combine Container Security with Server & Workload Protection (SWP) based on your OpenShift requirements. Learn more about protecting OpenShift containers in SWP.
For more information about the recommended exclusions for OpenShift namespaces and how to add runtime security to the infrastructure and master nodes, see OpenShift requirements.
Related information