Use Gloo policies to secure the traffic within your service mesh environment.
Concepts
Learn about how to secure incoming network traffic for your cluster.
Client TLS
Enable TLS origination on your ingress gateway.
CORS
Specify external domains that can access your routes with cross-origin resource sharing.
CSRF
Apply a CSRF filter to the gateway to help prevent cross-site request forgery attacks.
Data loss prevention (DLP)
Ensure that sensitive data isn't logged or leaked with data loss prevention.
External authentication and authorization
Set up an external authentication, such as basic, passthrough, API key, OAuth, OPA, or LDAP.
JWT
Control access or route traffic based on verified claims in a JSON web token (JWT).
Rate limiting
Control the rate of requests to a destination or route.
Web application firewall (WAF)
Filter and block potentially harmful traffic with a Web Application Firewall (WAF) policy.