DEVOPSdigest

HashiCorp released HashiCorp Vault Enterprise 0.7 with multi-datacenter replication, enabling organizations spanning multiple public clouds or private data centers to centrally manage security policy while meeting their scalability and availability challenges.

Traditional network-based approaches to security are being challenged by the increasing adoption of cloud and an architectural shift to highly elastic and microservice-oriented architectures. Organizations now must thread security within the application in addition to relying on perimeter-based security and traditional firewalls. Through its new replication capabilities, HashiCorp Vault Enterprise enables security teams to take this application-based approach and scale across multiple environments while maintaining performance and consistency. Users can access secrets locally and policies are enforced everywhere.

HashiCorp provides a suite of open-source tools and enterprise products that enable organizations to provision, secure, and run any infrastructure for any application. HashiCorp Vault is an open source product used by tens of thousands of users to secure application infrastructure. The enterprise version of Vault builds on the open-source tools to enable security teams to define and enforce security policy and secrets management across distributed infrastructure.

"As the adoption of Vault has grown, organizations with extremely stringent requirements around availability and regulatory compliance have approached us to help them architect their security solution using Vault as the foundation," said Armon Dadgar, co-founder and CTO of HashiCorp. "This became the driving force behind the latest HashiCorp Vault Enterprise release. We heard from customers that the most critical thing we could do to help enterprise organizations scale across their IT environments is replication."

The new release of HashiCorp Vault Enterprise includes several core capabilities that enable organizations to effectively scale Vault across their data centers and cloud environments.

Vault Enterprise consistently delivers on the vision to simplify collaboration workflows and govern access with security policies and includes the following new features:

- Multi-Datacenter Replication: Customers can now replicate Vault clusters across geographically-distributed data centers to scale out performance for high-throughput and availability-sensitive environments.

- Enterprise-Class Usability: Manage replication and response-wrapping natively in the Vault Enterprise UI. The web-based UI provides a single pane of glass to manage workflows for replication and response-wrapping. Security operators can implement replication using the UI within a few clicks without having to interact with the CLI.

- Expanded Access Control Policies: Access control policies can now specify which parameters are allowed and denied. This control over what a client can and cannot submit in an API call. Additionally, policies can now specify time-to-live controls to limit the duration of accessibility. The ability to put in place fine-grained access control policies helps security teams improve the security posturing of the organization. This is available in both enterprise and open source offerings.

These new capabilities enhance the already rich set of features including a UI for managing secrets, health monitoring, initialization and secure bootstrapping workflows, and Hardware Security Module (HSM) integration.