by John Armstrong | Sep 3, 2020 | Blog, Kubernetes, Network Policy, Security, Zerotrust
The old security model, which followed the “trust but verify” method, is broken. That model granted excessive implicit trust that attackers abused, putting the organization at risk from malicious internal actors and allowing unauthorized outsiders wide-reaching access...
by John Armstrong | May 27, 2020 | Blog, Calico Enterprise, Compliance, Cybersecurity, Firewall, Kubernetes, Network Policy
New applications and workloads are constantly being added to Kubernetes clusters. Those same apps need to securely communicate with resources outside the cluster behind a firewall or other control point. Firewalls require a consistent IP, but routable IPs are a...
by Christopher Liljenstolpe | Mar 6, 2019 | Blog, Kubernetes, Network Policy
Usually, when you hear us going on about labels here at Tigera, we are mentioning them as targets for selectors for network policies. As a review, you might have a policy that says, “things labeled customerDB=server should allow traffic on 6443 from things labeled...
by Christopher Hanson | Feb 22, 2019 | Calico, Kubernetes, Network Policy
Deploying an application on Kubernetes can require a number of related deployment artifacts or spec files: Deployment, Service, PVCs, ConfigMaps, Service Account — to name just a few. Managing all of these resources and relating them to deployed apps can be...
by Christopher Liljenstolpe | Dec 11, 2018 | Business Strategy, Kubernetes, Microsegmentation, Network Policy, Security, Zerotrust
Or, How to map my current operational model into the brave new Kubernetes world Recently, I was working with a large customer of ours as part of an engagement to help them work through their security posture for their Kubernetes environment(s). As with most large...
by Vince Lau | Dec 4, 2018 | AWS, Awsreinvent, Blog, Calico Enterprise, Eks, Istio, Kubernetes, Network Policy
AWS App Mesh, Security Groups and Network Flow Logs with CloudWatch We wrapped up at AWS re:Invent 2018 and are thrilled to have been part of this amazing event that brought together over 40,000 IT professionals. Notably different from last years event was that many...