The Kasten team has grown rapidly in terms of its global development and support presence, and Kasten K10 now provides data protection for organizations across many industries ranging from retail to the public sector. Kasten continues to be the leader in Kubernetes application, backup, disaster recovery and mobility. I am pleased to introduce Kasten K10 V5.0 from Kasten by Veeam and share the unrivaled innovation and capabilities we provide to scale and protect your Kubernetes applications.
So grab a cup of coffee and let’s dive right into V5.0 to see what’s new (a lot!) and how your organization can benefit from these key release themes including:
- Security Everywhere – From Development to Deployment
- Shifting Data Protection Left
- Ecosystem Advancements – From Procurement to Operations
Security Everywhere – From Development to Deployment
Our customers tell us that the most crucial challenge they face today is security. With Kubernetes data protection as our core offering, security remains a critical deliverable and underpinning for Kasten K10 design and implementation. Let me outline a few additional capabilities below that further our commitment to strengthening security for your growing Kubernetes deployments.
Detecting Ransomware Attacks: Kasten previously announced the industry’s first ransomware recovery solution, which enables organizations to automate their backups with immutable, long-term storage and quickly recover when time is of the essence in ransomware situations. Kasten K10 V5.0 enables you to detect early indicators of ransomware compromise and attack. For example, Kasten K10 can detect if someone has attempted to compromise the integrity of your object stores that hold an immutable copy of your backups. Additionally, Kasten K10 has leveraged the MITRE ATT&CK techniques in conjunction with Kubernetes runtime threat detection engines such as Falco to detect an impending or live attack so 24x7 SOC teams can respond to threats in real time.
Watch Demo: Ransomware Attack Detection
Kubernetes-Native RBAC: One of the leading causes of unauthorized access or persistence in Kubernetes environments is granting users and/or applications more permissions than they need. With cloud native skills gaps still a concern in most organizations, these over-permissioned Role Based Access Control (RBAC) settings expose Kubernetes deployments to accidental and malicious attacks. Kasten K10 is a Kubernetes-native solution, and we have now made it extremely simple to define roles and the associated permissions using the Kasten K10 user interface. These roles can then be associated with the appropriate users or groups in a very intuitive manner.
Kasten K10 simplifies the use of underlying APIs such as Kubernetes ClusterRoles and Bindings, so that it’s a snap for applications to remain protected – without requiring you to be a black belt in Kubernetes. At the same time, organizations that prefer command line interfaces or automated workflows leveraging Kubernetes APIs -- and have the requisite skills -- are free to use their tool of choice, such as kubectl or YAML editors, as shown in the example below.
Watch Demo: RBAC Controls in Kasten K10
Figure 1 - Kubernetes-Native RBAC with Kasten K10
Data Protection Policy Guardrails: 81% of community modules in a well-known Infrastructure as Code platform fail to enable backup and recovery processes today. Why? It is one of the most overlooked “get it done after deployment” procedures. Organizations need to think about data protection policies early in their software development lifecycles and not as a post-production after thought. With Kasten K10, you can now leverage policy as code principles to enforce operational best practices (e.g., RPO objectives), deny deployments with misconfigurations (e.g., immutability not enabled), and even modify policies automatically to meet compliance requirements (e.g., setting a six-year retention period per HIPAA regulations). This starts before your applications are put into production.
We have authored Kubernetes-native policies that provide “guardrails” for some of the operational best practices highlighted above. We then leverage Kubernetes Admission Controllers that prevent pods, deployments or StatefulSets from being scheduled onto a Kubernetes node, should a policy be violated. Kasten K10 can use policy engines and languages such as Kyverno and Open Policy Agent (OPA) Gatekeeper as a framework, as outlined in this blog post.
Figure 2 - Kasten Data Protection Policy Guardrails with Open Policy Agent (OPA) Gatekeeper
Additionally, Kasten K10 also allows customers to bring their own encryption keys and integrates with third-party key management systems such as Hashicorp Vault and AWS KMS, so that your data remains securely encrypted whether in flight or at rest.
Watch Demo: Data Protection Policy Guardrails
Shift Data Protection Left with Kasten K10
Another key theme for this release is applying shift left principles to Kubernetes data protection. Shift left principles make security a shared responsibility and introduces data protection earlier in the software development lifecycle. Here are a few examples:
- Kasten a launch partner for Amazon EKS Blueprints: Kasten is happy to continue its collaboration with AWS and is a launch partner for Amazon EKS Blueprints. The Amazon EKS Blueprint platform abstracts the complexities of deploying cloud infrastructure from developers and enables cluster deployments with ease. An EKS Blueprint comprises multiple products and services such as EKS Add-Ons to enable repeatable best practices for Amazon Kubernetes clusters. EKS Blueprints enable companies to consolidate tools and configurations for securing, scaling, and operating containerized infrastructure, so that developers can use these patterns across diverse teams in an enterprise. The Kasten K10 Add-On for Amazon EKS Blueprint provides a blueprint add-on so that you can easily and seamlessly include robust data protection in every EKS cluster deployed without worrying about backup/recovery and disaster recovery.
- Data Service Blueprints and Kasten Editor: Kasten K10 has a unique approach to data protection that allows not only storage-level snapshots but operates at the logical layer for application protection capabilities with higher consistency, as well. Kasten K10 can consume Kanister Blueprints that capture the dataservices-specific workflows required for backup and recovery. With this release, we introduce additional data service blueprints including Microsoft SQL Server, as well as the leading PostgreSQL Operator, PGO, from CrunchyData. We also surface all Kanister Blueprints on the Kasten K10 user interface for easy editing. This enables customers and the entire Kubernetes community to easily consume and edit existing blueprints to adapt to their specific environments.
Watch Demo: Kasten K10 Blueprint Editor
Figure 3 - Kasten K10 Blueprint Editor
- Intuitive UX for Scalable Operations: In addition to the Kasten K10 blueprint editor, let me share another example around reports generation for the simplicity Kasten K10 is known for. Kasten K10 treats report generation as a policy with an “easy button” to enable auto report generation. Reports include operational parameters such as actions run, policies, compliance information, etc. These reports can be viewed either on the Kasten K10 dashboard or using kubetcl.
Figure 4 - Kasten K10 Reports Generator
Ecosystem Advancements – From Procurement to Operations
Kasten is constantly expanding its Kasten K10 ecosystem to enable integrations with industry-leading technologies and platforms. We partner with leaders across the ecosystem shown below to provide robust backup and data recovery capabilities across diverse Kubernetes development environments.
Figure 5 - Freedom of Choice with Kasten K10
- Red Hat OpenShift with Kasten: Kasten also continues to strengthen its partnership and integration with Red Hat OpenShift. With this release, Kasten K10 supports full lifecycle capabilities, including backup and failure recovery as a part of the Red Hat operator framework. It is now even easier and more repeatable to automate deployments of Kasten K10 on Red Hat OpenShift. In addition to the Level 3 operator certification, Kasten K10 is also available for transactions on the Red Hat Marketplace for all OpenShift customers, for both cloud and on-premises deployments. Flexible Kasten K10 purchase options ranging from a full-featured free edition, to the enterprise edition with term, to pay-as-you-go, are all available with a simple click of the button from the Red Hat Marketplace.
- Data Protection on VMware vSphere with Tanzu: Veeam has a long and rich history of partnering with VMware for data protection in vSphere environments. Kasten takes this to the next level with the support for protecting modern Kubernetes applications. You can visit the Kasten and VMware partner page to read joint blog posts that address the challenges and solutions of protecting modern applications. We are now happy to further extend this growing list of capabilities to protect your Kubernetes applications in vSphere with Tanzu environments. This enables backup and DR on VMware vSphere with Tanzu using Kasten K10.
Watch Demo: Protecting vSphere with Tanzu
- SUSE Rancher with Kasten: Kasten K10 is now available on the SUSE Rancher Apps and Marketplace, providing universal installation of Kasten K10 across all public clouds and Kubernetes distributions supported by SUSE Rancher management. With Kasten K10 installed, SUSE Rancher users can get the benefits of unified data protection, including backup, disaster recovery and application mobility, across their Kubernetes clusters.
Watch Demo: Installing Kasten K10 from the SUSE Rancher Apps and Marketplace
Attend one our upcoming KubeSeries live webinars
- Kubernetes Security Everywhere with Kasten K10
June 9th 9 a.m. PT | 12 p.m. ET | 5 p.m. GMT
- Three Game-Changing Features of Kasten K10 V5.0
July 21st 9 a.m. PT | 12 p.m. ET | 5 p.m. GMT
Get Started Today!
Try the full-featured and FREE edition of Kasten K10 today with this super-quick install in less than 10 minutes.
Posted in:Data Protection
PostgreSQL Backup and Restore on Amazon Web Services using Kasten K10
Kubernetes Learning Curve
Kubernetes Ransomware Protection
HPE Ezmeral Kubernetes Container Platform with Kasten K10 by Veeam
Kasten K10 Chosen as the Kubernetes Data Protection Leader - Again!
All CategoriesBackup Data Management Disaster Recovery Data Protection Community Partners/Ecosystem
Gaurav Rishi is the VP of Product and Partnerships at Kasten by Veeam. He is at the forefront of several Kubernetes ecosystem partnerships and has been a frequent speaker and author on cloud-native innovations. He previously led Strategy and Product Management for Cisco's Cloud Media Processing business. In addition to launching multiple products and growing them to >$100M in revenues, he was also instrumental in several M&A transactions. Gaurav is a computer science graduate and has an MBA from the Wharton School.
For information about Kasten K10
For information about Kasten K10, please send us a message using the form on this page, or email us at email@example.com
8800 Lyra Drive, Suite 450
Columbus, Ohio 43240
We value the critical role that the security community plays in helping us protect the confidentiality, integrity, and availability of our software, services, and information. If you have information about security vulnerabilities that affect Kasten software, services, or information, please report it to us via our HackerOne Vulnerability Disclosure Program, or anonymously via this form.