In-Depth Network Security for Docker Containers
Publication Type
Conference Paper
Authors

The continuous growth of microservices deployed as containers has exposed a wide attack surface, enabling attackers to execute several types of attacks, including network-based attacks such as man-in-the-middle (MITM) attacks. The lack of isolation at the network level has enabled such attacks, especially in container environments, where many containers run on the same host without proper restrictions. This is because the existing configuration of the containers' network is poorly secured: one container is able to access any service running on neighboring containers or on the host. In this paper, a design is proposed that attains the required level of network isolation by employing a Firewall Container (FWC), which acts as a gateway for a set of related containers that are connected to a virtual bridge, to protect against unauthorized access and MITM attacks. The FWC is configured to filter traffic and perform port forwarding (NAT); it also has an optional DHCP server.

Conference
Conference Title
2023 14th International Conference on Computing Communication and Networking Technologies (ICCCNT)
Conference Country
India
Conference Date
July 6, 2023 - July 8, 2023
Conference Sponsor
-