This is a sixteen-hour intensive course designed to educate attendees on container and Kubernetes security with full-stack observability based on Calico.
Tigera will deliver instructor-led training focused on securing containerized workloads and Kubernetes with full-stack observability with Calico. Our container and Kubernetes security solution experts are field practitioners with extensive hands-on experience in designing security frameworks, developing security architecture, and implementing container and Kubernetes security.
Estimated Time
Curriculum
The following is the curriculum of the sixteen-hour course:
Overview: Calico components and how they enable observability
Author configure, and deploy Calico security policy
Overview: Advanced security policy tooling
Configure and implement Calico identity-aware microsegmentation
Author and review security policy security implementation best practices
Configure and deploy DNS security policy
Configure and deploy Kubernetes network encryption
Author, configure, and leverage Calico observability tools
Configure and deploy compliance reporting
Overview: cluster mesh
Service Components
Instructor-led training
Includes theoretical and lab modules
Delivered to up to fifteen (15) trainees
Dedicated lab environment per trainee
Combination of slides and hands-on product training
Service Milestones
Training planning and setup
Security and observability for Containers and Kubernetes with Calico
Deliverables
Lab credentials
Training material
Who should attend this training?
Systems administrators, solutions architects, DevOps engineers, platform engineers, network engineers, and security engineers will benefit from taking this course.
Training Details
The following sections provide details about the activities typically performed as part of this service.
Training Planning, Setup, and Delivery
Tigera’s Responsibilities
Work with the customer to determine the list of trainees and training schedule.
Send a remote video conferencing invitation to the trainees, according to the training schedule agreed upon with the customer.
Set up a dedicated lab instance per trainee and deliver the login credential to the trainees.
Deliver the training material document to the trainees.
Customer’s Responsibilities
Provide Tigera with a list of trainees, along with their contact details and their roles in the organization.
Agree with Tigera on a training schedule, in accordance with the lead time section.
Ensure the trainees are available to test the lab access, review the training material document, and attend the training.
Notify Tigera about any issues related to the lab or training material.
Resolve issues related to the training material or lab that are related to the customer environment, such as proxy, web filter, DNS, or firewall issues.
Deliverables
Deliver three (3) remote training sessions, including some or all of the theoretical and lab modules described in the training curriculum section.
Maintain one (1) lab instance for the trainees for the duration of the training.
Ensure all the trainees participate in the training sessions.
Training Curriculum
Course Introduction
Review Tigera’s Calico product offerings
Explain the functionalities of Calico Enterprise/Calico Cloud’s main components
Hands-on lab
Calico Security Policy
Review Calico Security Policy
Advanced security policy tooling
Security Policy dataplane deep-dive
Hands-on lab
Calico Host Microsegmentation
Calico Host Endpoint Protection for complete protection
Deploy, configure, and manage host endpoint policies
Hands-on lab
DNS Policy
Calico DNS Policy deep-dive
Policy examples and troubleshooting
Hands-on lab
Security Policy Best Practice
Design considerations for Calico Security Policies
Advanced tooling and labelling best practices
Kubernetes Network Encryption
Network encryption using WireGuard
WireGuard configuration, tooling, and best practices
Hands-on lab
Observability with Calico
Why observability is necessary in Kubernetes
Calico Enterprise observability tools and best practices
Hands-on lab
Compliance Reporting
Calico Compliance Dashboards and Reports
Customizable report configuration
Hands-on lab
Multicluster Management and Federation
Advantages of the Calico Cluster Mesh
Calico Cluster Mesh configuration
Prerequisites
Trainees are required to have basic knowledge in Kubernetes networking and security, including:
- Basic knowledge in Linux kernel and networking
- Basic knowledge in Kubernetes
- Basic knowledge in infrastructure security, including firewalls
Following is a list of recommended trainings to acquire basic knowledge in Kubernetes and Calico Networking and Security:
