What’s New in Panorama Plugin for Kubernetes 1.0.0
This is the initial release of the Panorama plugin for
The Kubernetes plugin manages the licenses for the CN-Series
firewall and enables you to monitor your clusters and leverage Kubernetes
labels that you use to organize Kubernetes objects. The Kubernetes
plugin communicates with the API server and retrieves metadata,
giving you visibility into the applications running within the cluster.
You can collect the cluster’s namespaces, services, and labels to
create tags which can then be used in IP-address-to-tag mappings
in Security policies. The plugin also collects information on the
ports specified in your application YAML file and creates Service
Objects. Tags and service objects are automatically shared with the
CN-NGFW pods in each cluster, and you can also enable sharing of
the tags and service objects with hardware-based or VM-Series firewalls.
The tags become available as match criteria in Dynamic Address Groups,
which you can then use to secure traffic between pods or namespaces,
traffic to an internet-exposed service, or traffic to outbound connections.