Anthos security

Leverage consistent security best practices across your hybrid and multi-cloud deployments.

Modernizing your security anywhere

As many organizations seek to adopt cloud-native architectures and deploy applications in heterogeneous environments, they demand consistent security best practices, regardless of where they're running their application. Anthos integrates security into each stage of the application life cycle, from develop to build to run, and automates security and policy management for all your deployments.

What's new

Centralized management at scale

Anthos offers one centralized point for enforcing policy across the fleet, whether that’s on-premises or across clouds. You can give your security teams the ability to implement security guardrails quickly and efficiently, while adhering to your organization’s governance and compliance requirements.

Evolve to a zero trust security model

Define and enforce custom perimeters by segmenting networks and isolating workloads to harden your security posture. Easily separate trust and access to clusters and data by deploying fine-grained control from org level to container level. Anthos enables a defense-in-depth security strategy with far-reaching security controls across all of these deployment models.

Simplified patching and compliance

Anthos’s shared responsibility model means the burden of patching and vulnerability management is reduced for the end user. Leverage consistent compliant-environment and security blueprints that provide a foundation to run compliant workloads on-premises and in multiple clouds. Anthos leverages open Kubernetes-style APIs, giving you the freedom to securely run your apps anywhere.

Features

Anthos Config Management

Define and enforce policies across your hybrid and multi-cloud Kubernetes deployments at scale with Anthos Config Management, a central Git repository which manages access-control policies like RBAC, resource quotas, and namespaces, both on-premises and in the cloud.

Anthos Service Mesh

Implement and enforce a consistent service-to-service networking policy. With Anthos Service Mesh, you can better observe what’s happening with your services by implementing service level objectives (SLOs), and intelligently set policies to ensure that any and all communications to and from your services are encrypted, mutually authenticated, and authorized. All of this is done without changes to your application code.

Binary Authorization

Deploy only trusted containers with Binary Authorization. By enforcing validation, you can gain tighter control over your container environment by ensuring that only verified images are integrated into the build-and-release process.

Integrated visibility and intelligence

Anthos gives you the tools you need to see and fix misconfigurations and get real-time security alerts. Anthos seamlessly works with the rest of the Google Cloud security and identity solutions, so you can gain centralized visibility into suspicious events such as traffic to known bad domains/IPs.

Config Connector

Config Connector includes Custom Resource Definitions (or CRDs) that provide a declarative, consistent way to configure many Google Cloud services and resources using Kubernetes tooling and APIs.

Meeting compliance at scale

Google Cloud has built infrastructure that meets many regulatory compliance requirements, including PCI, ISO/IEC 27001, HIPAA, SOC, and FedRAMP. We’re also making it easy for you to build compliant applications on top of our secured, managed Kubernetes service, both on Google Cloud and on-premises, by providing solution guides for PCI and other common compliance standards.

Container isolation

Support secure multi-tenancy with GKE Sandbox, based on open source gVisor, bringing defense-in-depth security principles to containers without application changes, new architecture models, or added complexity.

Policy Controller

Policy Controller is a Kubernetes dynamic admission controller, based on the Open Policy Agent Gatekeeper project. It audits and enforces your clusters' compliance with policies related to security, regulations, or arbitrary business rules.

Monitor service-level performance

Anthos Service Mesh provides observability into the health and performance of your services by providing you critical, service-level metrics on three of the four golden signals of monitoring: latency, traffic, and errors.

We chose Google Cloud’s Anthos for its flexibility to modernize our existing application investments with ease, and to deliver AI/ML powered software faster while improving operational security and governance. Anthos gives us the ability to have a unified management view of our hybrid deployments, giving us a consistent platform to run our banking workloads across environments.

Dilek Duman, Chief Operating Officer, DenizBank
