Managing container runtime profiles
When implementing runtime policies, Kaspersky Container Security can apply user-defined rules for monitoring processes and the network. To do so, add runtime profiles to the appropriate runtime policies. Runtime profiles are essentially lists of restrictions for containers. Image profiles define the settings for secure image deployment and safe activities of an application deployed from an image. The actions assigned in profiles can significantly reduce the capabilities of cybercriminals who could potentially infiltrate a facility, and can improve security during the runtime operation of containers.
The following settings specify restrictions in an image profile:
- Executable files that should be blocked.
- Network restrictions for inbound and outbound connections.
Container runtime profiles in runtime policies apply to images that are running in orchestration environments using objects within the cluster. If a container is started outside the orchestration environment (for example, using the docker run or ctr run command), the solution will not detect malware in such a container.
The solution does not automatically perform a malware scan when objects are saved in a container. We recommend additionally protecting containerized files outside the orchestration environment.
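Because containers launched with docker run or ctr run fall outside the runtime policies, a node-level inventory check helps find them. The following is an added example, not part of Kaspersky Container Security; it assumes cri-dockerd-style io.kubernetes.* labels on Docker containers and the k8s.io containerd namespace for CRI-managed containers, and runs against a constructed inventory.

```python
import json

# Labels that the Kubernetes CRI integration (cri-dockerd) stamps on every
# container it creates for a pod. A container started by hand with `docker run`
# carries none of them. (Assumption about the runtime, not a product setting.)
K8S_LABELS = ("io.kubernetes.pod.name",
              "io.kubernetes.pod.namespace",
              "io.kubernetes.container.name")

# containerd namespace used by the Kubernetes CRI plugin; `ctr run` without
# `-n` creates its container in the "default" namespace instead.
CRI_NAMESPACE = "k8s.io"


def is_orchestrated(container):
    """True if the container metadata shows it was created by Kubernetes."""
    labels = container.get("Labels") or {}
    if all(key in labels for key in K8S_LABELS):
        return True
    return container.get("Namespace") == CRI_NAMESPACE


def out_of_band_containers(containers):
    """Return (id, reason) for each container no runtime policy will cover."""
    findings = []
    for c in containers:
        if not is_orchestrated(c):
            where = c.get("Namespace") or "docker"
            findings.append((c["Id"], f"started outside Kubernetes ({where})"))
    return findings


# Constructed inventory shaped after `docker inspect` / `ctr containers ls`
# output; the IDs, images and names are made up for this example.
SAMPLE_INVENTORY = json.loads("""[
  {"Id": "a1a1", "Image": "registry.example/app:1.2",
   "Labels": {"io.kubernetes.pod.name": "app-7c9d",
              "io.kubernetes.pod.namespace": "prod",
              "io.kubernetes.container.name": "app"}},
  {"Id": "b2b2", "Image": "registry.example/debug:latest",
   "Labels": {"maintainer": "ops"}},
  {"Id": "c3c3", "Image": "registry.example/api:3.0",
   "Namespace": "k8s.io", "Labels": {}},
  {"Id": "d4d4", "Image": "registry.example/tool:0.1",
   "Namespace": "default", "Labels": {}}
]""")

if __name__ == "__main__":
    for cid, reason in out_of_band_containers(SAMPLE_INVENTORY):
        print(f"{cid}: {reason}")
```

Feed the function the real output of docker inspect or ctr containers ls on a node to list containers that the runtime policies do not cover.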
The list of configured profiles is displayed as a table on the Container runtime profiles tab under Policies → Runtime policies. In this section, you can also do the following:
- Create new container runtime profiles. Open the profile settings window by clicking the Add profile button above the list.
- Edit profile settings by clicking the link in the runtime profile name.
- Delete runtime profiles.