Shared Responsibility Model

Prev Next

Types of Deployment

Cloud Service Provider Managed Kubernetes

  • Deployment of Halo artefacts (Helm charts and container images) into a customersโ€™ managed Kubernetes cluster within a public, private, or government CSP (Azure, AWS or Oracle) environment.
  • Glasswall Halo leverages other cloud PaaS and SaaS services (Storage, Key/Secret Management etc.) and is tested against each cloud platform internally.
  • Customers typically pull the Halo artefacts directly from Glasswallโ€™s external container registry at glasswallhub.azurecr.io.
  • Artefacts are configurable out-of-the-box for each cloud platform.
  • Detailed installation documentation is available at docs.glasswall.com.

On-Prem Customer Managed Kubernetes

  • Deployment of Halo artefacts (Helm charts and container images) into a customersโ€™ managed Kubernetes cluster into an on-premise (non-CSP) environment. These may include Rancher Enterprise, VMWare Tanzu, and RedHat OpenShift.
  • Glasswall Halo deployment requires configuration and integration with on-premise Storage and Secret/Key Management.
  • Customers typically pull the Halo artefacts directly from Glasswallโ€™s external container registry at glasswallhub.azurecr.io.
  • Artefacts likely require custom configuration out-of-the-box for each cloud platform.
  • Although there are no environment-specific installation steps, outlined guidance documentation is available at docs.glasswall.com.
  • Due to the high level of potential variability for these deployments, customerโ€™s require professional services support for the configuration and installation phase.

On-Prem Customer Managed VM - Single Node

  • Deployment of the Halo single-node VHD or OVA into a customersโ€™ traditional virtualisation environment, e.g. VMWare.
  • Customers typically download Halo artefacts directly from Kiteworks.
  • Glasswall Halo is configured out-of-the-box but has limited scalability due to the resource restrictions of a single VM.
  • Any scaling or redundancy requires customer network configuration, e.g. Load Balancing.
  • Detailed installation documentation is available at docs.glasswall.com.
  • Whilst there should be less of a requirement for explicit professional services time, weโ€™ve seen from the OVA v1 there is often the need for focussed initial support for the installation phase. 



Cloud Service Provider Managed KubernetesOn-Prem Customer Managed KubernetesOn-Prem Customer Managed VM - Single Appliance
Access to deployment assetsGlasswallGlasswallGlasswall
CDR functionalityGlasswallGlasswallGlasswall
Technical & compliance documentationGlasswallGlasswallGlasswall
Accurate application logging & guidanceGlasswallGlasswallGlasswall
Configuration & testing of Helm chartsGlasswallGlasswall / CustomerGlasswall
Artefact deployment documentation & scriptsGlasswallCustomerGlasswall
Infrastructure integration documentation guidance & scriptsGlasswallCustomerCustomer
Integration with business applicationsCustomerCustomerCustomer
Manage identity providers, credentials, & cluster integrationCustomerCustomerCustomer
External network integration (TLS, VNet & security)CustomerCustomerCustomer
External storage configuration & securityCloud Service Provider / CustomerCustomerCustomer
Infrastructure /cluster monitoring & loggingCloud Service Provider / CustomerCustomerCustomer
Infrastructure access, resiliency, & availabilityCloud Service ProviderCustomerCustomer
Secure host node OS & cluster hardeningCloud Service Provider / CustomerCustomerGlasswall