Standard deployment schemes

Kaspersky Container Security supports the following deployment scenarios:

• Deployment in a public corporate network (Internet access from the Kubernetes cluster is allowed):
  • Images from which the Kaspersky Container Security components are deployed are located in a public repository.
  • After installation, the solution components refer to the vulnerability databases on the Internet.
  • Databases are updated using the Update server on the Internet.

  A private corporate network with access to servers in the allowed servers list may be considered a public corporate network.

• Deployment in a private corporate network (Internet access from the Kubernetes cluster is prohibited):
  • An internal repository is used to host the images from which the Kaspersky Container Security components are deployed.
  • Components are installed from a dedicated image with the vulnerability databases and security standards required to operate the solution.
  • After installation, the solution components refer to vulnerability databases and security standards located in the corporate network.
  • The Update server providing threat database updates is deployed as a separate component in the corporate network.

A private corporate network also allows for deployment with a proxy server.