Leveraging Your Firewall Investment to Protect Kubernetes Clusters

Next-generation firewalls provide advanced security features such as live threat feeds, intrusion detection, and tools used by the security operations center to identify and resolve security incidents. Firewall rules are based on IP addresses to allow or deny traffic using a zone-based architecture. However, this model begins to break down in the dynamic environment of Kubernetes, where IP addresses are transient, and the static IP approach used in firewalls cannot be applied.

In this Office Hours, you will learn:

• How you can leverage your existing investment in firewalls and extend their familiar zone-based security architecture into the Kubernetes environment
• How Calico can provide universal firewall integration through the Calico Egress Gateway
• How you can use Calico to integrate with popular firewall managers like Fortinet FortiGuard and Palo Alto Networks Panorama