Security

Review steps that you can take to make the following Gloo and service mesh components more secure.

Figure: Components in your cluster environment that you want to secure.
  1. Gloo Platform components
  2. Service mesh traffic
  3. User access
  4. Your applications
  5. Underlying infrastructure

Videos

Review the following videos related to security in Gloo Platform.

Zero trust video

Learn how to use Gloo Platform to enforce a zero-trust model for your services. First, workspaces define realistic boundaries between your services. Then, Gloo can translate custom resources automatically into Istio AuthorizationPolicy, PeerAuthentication, and Sidecar objects to simplify managing your network security.

Secure egress traffic video

Learn how Gloo Platform uses both Istio and Cilium (or any other CNI) to secure Kubernetes egress traffic. A CNI network policy can prevent pods from bypassing the egress gateway. The egress gateway can perform TLS origination and apply advanced L7 policies, such as to allow only GET requests.