Gartner Blog Network


Can you make your containers contain?

by Joerg Fritsch  |  January 8, 2015  |  5 Comments

Security properties of containers are a largely unexplored field and there is a lot of controversial discussion about whether containers do contain or not. –At times it seems that the discussion is driven by (hidden) business agendas, partnerships and financial dependencies rather than by plain technology.– So, leaving all of this aside, can you make your containers contain or not?

On the one hand containers are not new and service providers have been using for example Virtuozzo or Parallels containers to offer Virtual Private Servers (VPS) in multi tenant environments long before computing clouds even came onto the radar. On the other hand, the packaging of software and the instantiation and management of containers with Docker is brand new.

For many clients the default-deployment will be on a guest system on top of a hypervisor because hypervisors are omnipresent. Others again dare to talk about the elephant in the room and ask whether the security properties of Docker containers deployed on a Linux OS on bare metal hardware is good enough for their use case or for multi-tenant environments even.

A while ago I set out to address these types of questions plus other questions that should be top of mind of every security professional who needs to get an opinion about a new technology.  Thus, I am happy to announce that my research note “Security properties of Containers managed by Docker” has been published today! It is my hope that this paper will become a solid reference point for security professionals that need to have an informed conversation about container security.

Category: devops  docker  virtualization  

Tags: devops  docker  virtualization-2  

Joerg Fritsch
Research Director
1 year at Gartner
15 years IT Industry

Joerg Fritsch is a Research Director in the Gartner for Technical Professionals Security and Risk Management Strategies team. His specialties include information security, data center and cloud security, big data (analytics), cloud computing, PaaS, distributed systems, messaging and event-driven systems, and very fast networks and servers. Read Full Bio


Thoughts on Can you make your containers contain?


  1. […] und das schon lange bevor Clouds überhaupt auf dem Radar waren”, erklärt Fritsch in einem Blog. “Auf der anderen Seite bringt Docker mit dem Packaging von Software und der Instantiation […]

  2. […] the author of the report “Security properties of Containers managed by Docker”, wrote in a blog post: “Security properties of containers are a largely unexplored field and there is a lot of […]

  3. […]  In a post regarding the report, Joerg Fritsch writes: […]

  4. […] the author of the report “Security properties of Containers managed by Docker”, wrote in a blog post: “Security properties of containers are a largely unexplored field and there is a lot of […]

  5. […] when it comes to container administration as well as management, Fritsch said in his guide, “Protection residential properties of containers taken care of by Docker.” That is, while a container makes certain safe and secure usage of calculate resources, the […]



Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.