by Andrew Randall | Mar 20, 2018 | Blog, Calico, Calico Enterprise, Cloud Computing, Cloud Native, Cloud Security, Containers, GCP, Microsegmentation, Network Policy, Networking, Project Calico, Security, Tigera, Zerotrust
A best practice for securely deploying Kubernetes applications is to enforce network policy. Google’s announcement today that network policy for Google Kubernetes Engine (GKE) using Calico network policy is now generally available (GA) is a huge step forward for...
by Christopher Liljenstolpe | Mar 12, 2018 | AWS, Calico Enterprise, Containers, DevOps, Kubernetes, Microsegmentation, Project Calico, Security, Uncategorized, Zerotrust
Heptio’s CTO, Joe Beda, recently posted an insightful blog entry discussing the Tesla Kubernetes compromise. I wanted to dive into one of the areas he mentioned, network policy. Before I do, however, I would make some general observations. While, in hindsight, the...
by Cody McCain | Mar 1, 2018 | Application Connectivity, Kubernetes, Microsegmentation, Network Policy, Networking, Project Calico, Uncategorized
This blog concludes a three part series on Securing Host Endpoints with Project Calico by explaining how to secure endpoints in Kubernetes. The first two installments referenced below provide background on the technical principles applied in this blog. Part 1 — What...
by Christopher Liljenstolpe | Feb 19, 2018 | Calico Enterprise, Cloud Security, Compliance, Containers, Cybersecurity, Enterprise, Microsegmentation, Microservices, Network Policy, Security
Microservices and containers have recently seen tremendous widespread adoption, as evidenced by the near tripling of the crowd attending KubeCon Austin in December. Enterprises are seeking the business benefits of rapid application innovation, while at the same time...
by Cody McCain | Sep 11, 2017 | Calico, Kubernetes, Microsegmentation, Zerotrust
I was discussing home security with a friend the other day as he was telling me about a fancy new Bluetooth lock he installed on his front door. He went on to explain how it provided status alerts and how he could remotely control it to let people in when if he wasn’t...
by Christopher Liljenstolpe | Sep 5, 2017 | Cloud Computing, Cloud Native, Microsegmentation, Project Calico
A light in the mist In my previous post on this topic, I pointed out that the existing models for network workload isolation or micro-segmentation were, at best, sub-optimal for the new cloud native world, and, most probably, just plain would not work at scale. In...
