Shared Responsibility Model
    • PDF

    Shared Responsibility Model

    • PDF

    Article summary

    Types of Deployment

    Cloud Service Provider Managed Kubernetes

    • Deployment of Halo artefacts (Helm charts and container images) into a customers’ managed Kubernetes cluster within a public, private, or government CSP (Azure, AWS or Oracle) environment.
    • Glasswall Halo leverages other cloud PaaS and SaaS services (Storage, Key/Secret Management etc.) and is tested against each cloud platform internally.
    • Customers typically pull the Halo artefacts directly from Glasswall’s external container registry at glasswallhub.azurecr.io.
    • Artefacts are configurable out-of-the-box for each cloud platform.
    • Detailed installation documentation is available at docs.glasswall.com.

    On-Prem Customer Managed Kubernetes

    • Deployment of Halo artefacts (Helm charts and container images) into a customers’ managed Kubernetes cluster into an on-premise (non-CSP) environment. These may include Rancher Enterprise, VMWare Tanzu, and RedHat OpenShift.
    • Glasswall Halo deployment requires configuration and integration with on-premise Storage and Secret/Key Management.
    • Customers typically pull the Halo artefacts directly from Glasswall’s external container registry at glasswallhub.azurecr.io.
    • Artefacts likely require custom configuration out-of-the-box for each cloud platform.
    • Although there are no environment-specific installation steps, outlined guidance documentation is available at docs.glasswall.com.
    • Due to the high level of potential variability for these deployments, customer’s require professional services support for the configuration and installation phase.

    On-Prem Customer Managed VM - Single Node

    • Deployment of the Halo single-node VHD or OVA into a customers’ traditional virtualisation environment, e.g. VMWare.
    • Customers typically download Halo artefacts directly from Kiteworks.
    • Glasswall Halo is configured out-of-the-box but has limited scalability due to the resource restrictions of a single VM.
    • Any scaling or redundancy requires customer network configuration, e.g. Load Balancing.
    • Detailed installation documentation is available at docs.glasswall.com.
    • Whilst there should be less of a requirement for explicit professional services time, we’ve seen from the OVA v1 there is often the need for focussed initial support for the installation phase. 



    Cloud Service Provider Managed KubernetesOn-Prem Customer Managed KubernetesOn-Prem Customer Managed VM - Single Appliance
    Access to deployment assetsGlasswallGlasswallGlasswall
    CDR functionalityGlasswallGlasswallGlasswall
    Technical & compliance documentationGlasswallGlasswallGlasswall
    Accurate application logging & guidanceGlasswallGlasswallGlasswall
    Configuration & testing of Helm chartsGlasswallGlasswall / CustomerGlasswall
    Artefact deployment documentation & scriptsGlasswallCustomerGlasswall
    Infrastructure integration documentation guidance & scriptsGlasswallCustomerCustomer
    Integration with business applicationsCustomerCustomerCustomer
    Manage identity providers, credentials, & cluster integrationCustomerCustomerCustomer
    External network integration (TLS, VNet & security)CustomerCustomerCustomer
    External storage configuration & securityCloud Service Provider / CustomerCustomerCustomer
    Infrastructure /cluster monitoring & loggingCloud Service Provider / CustomerCustomerCustomer
    Infrastructure access, resiliency, & availabilityCloud Service ProviderCustomerCustomer
    Secure host node OS & cluster hardeningCloud Service Provider / CustomerCustomerGlasswall


    Was this article helpful?