• Single cluster
    • Multicluster  ENTERPRISE
  • lightbulb About
      • Overview
      • Architecture
        • Overview
        • Enterprise features
        • Supported versions
      • Multicluster  ENTERPRISE
        • Gloo Operator
        • Helm
        • Migrate from a sidecar mesh
        • Add services to the mesh
        • Add ECS services to the mesh  ENTERPRISE
        • Add VMs to the mesh
          • Gloo Operator
          • Helm
        • Flat networking (advanced)
        • Add services to the mesh
        • Add ECS services to the mesh
        • Add VMs to the mesh
        • Overview
        • Make services available across clusters
        • About multitenancy and namespace sameness
        • Namespace flexibility with segments
        • Create segments
        • Multicluster peering
      • Overview
      • Ingress
      • East-west and waypoints
        • Standard egress setup
        • Advanced mTLS egress  ENTERPRISE
        • Overview
          • Ztunnel
          • Waypoint
          • kgateway
          • Istio ingress gateway
          • Sidecar
        • Ztunnel (L4)
        • Waypoints (L7)
        • L7 load balancing with kgateway
        • Multicluster zone and region failover  ENTERPRISE
        • Ztunnel outlier detection
      • Overview
      • Secure workload identities with SPIRE  ENTERPRISE
      • Overview
      • Layer 7 observability for ztunnels  ENTERPRISE
        • Gloo Operator
        • Helm
      • Drain clusters in the mesh  ENTERPRISE
      • Uninstall
      • Service mesh options
        • Overview
        • Supported Solo distributions of Istio
        • Gloo Operator
        • Migrate to the Gloo Operator
        • Helm
        • EKS add-on
        • AKS extension
          • Gloo Operator
          • Helm
        • Flat networking (advanced)
    • Enroll apps
      • Overview
      • Ingress
      • Egress
    • Resiliency
      • Security overview
      • Istio certificate management
      • Bring your own Istio CAs with AWS
    • Observability
      • Gloo Operator
      • Helm
    • Uninstall
      • Architecture
      • Licensing
    • Install
    • Explore the UI
      • About the telemetry pipeline
      • Metrics
      • Access logs
      • Request traces
      • ClickHouse data store
      • Prometheus
      • Grafana
      • Auto identity provider
    • Upgrade
    • Uninstall
      • Solo Enterprise for Istio versions
      • Release notes
          • 1.29.1-patch0
          • 1.29.1
          • 1.29.0
          • 1.28.5-patch0
          • 1.28.5
          • 1.28.4
          • 1.28.3-patch0
          • 1.28.3
          • 1.28.2
          • 1.28.1-patch0
          • 1.28.1
          • 1.28.0-patch0
          • 1.28.0
          • 1.27.8-patch0
          • 1.27.8
          • 1.27.7
          • 1.27.5-patch0
          • 1.27.5
          • 1.27.4
          • 1.27.3-patch0
          • 1.27.3
          • 1.27.2
          • 1.27.1-patch1
          • 1.27.1-patch0
          • 1.27.1
          • 1.27.0-patch0
          • 1.27.0
          • 1.26.8-patch3
          • 1.26.8-patch2
          • 1.26.8-patch1
          • 1.26.8-patch0
          • 1.26.8
          • 1.26.7
          • 1.26.6
          • 1.26.5
          • 1.26.4
          • 1.26.3-patch1
          • 1.26.2-patch0
          • 1.26.3
          • 1.26.2
          • 1.26.1-patch0
          • 1.26.1
          • 1.26.0
          • 1.25.5-patch6
          • 1.25.5-patch5
          • 1.25.5-patch4
          • 1.25.5-patch3
          • 1.25.5-patch2
          • 1.25.5-patch1
          • 1.25.5-patch0
          • 1.25.5
          • 1.25.4
          • 1.25.3
          • 1.25.2-patch0
          • 1.25.2
          • 1.25.1
          • 1.25.0
      • Gloo Operator changelog
      • Gloo Operator APIs
      • Gloo Operator
      • Multicluster ambient peering
        • Solo UI management
        • Solo UI relay
        • Overview
        • istioctl bootstrap
        • istioctl ecs add-service
        • istioctl multicluster check
        • istioctl multicluster expose
        • istioctl multicluster link
      • Debug Istio
      • Multicluster peering
      • Gloo Operator and ServiceMeshController
      • Telemetry pipeline
      • Tunnel server and relay
    • About Solo Support
    • Submit a request
    • Add support information
  • open_in_new Istio documentation
    • Solo Enterprise for Istio
    • main
    • 2.12 (latest, Istio 1.29)
    • 2.11 (Istio 1.28)
    • 2.10 (Istio 1.27)
    • 2.9 (Istio 1.26)
    • Gloo Mesh (Gloo Platform APIs)
    • main
    • 2.12 (latest)
    • 2.11
    • 2.10
    • 2.9
    • GitHub
    • Twitter / X
  • to navigate
  • to select
  • to close
    • Home
    • Istio sidecar mesh
    • Security
    On this page

    You are viewing the documentation for Solo Enterprise for Istio, formerly known as Gloo Mesh (OSS APIs). This version of the documentation is currently under development. Select latest from the version drop down or go to the landing page of the latest stable version.

    Security

    Review Istio features that can increase the security of your service mesh, such as certificate management, authentication and authorization policies, and mutual TLS.

    article

    Security overview

    Review Istio features that can increase the security of your service mesh, such as certificate …

    article

    Istio certificate management

    Learn about what Istio root and intermediate certificates are used for, how to set them up, and how …

    article

    Bring your own Istio CAs with AWS

    Use a combination of AWS Private Certificate Authority (CA) …

    Solo.io copyright 2026