Tigera Events

Troubleshooting microservices in AWS and Calico for Kubernetes Environment

Topics:

Observability
Americas
July 27, 2021
10:00 am PDT

Explore Tigera Events

  • AVAILABILITY

  • CATEGORY

  • REGION

  • TOPIC

Talk to Experts for your EKS Security and Observability Concerns

As you design, deploy, and observe security and networking policies in an EKS environment, you have questions to do it right. This interactive live 60-minute session is designed to provide you with right information and address your questions real time to implement Kubernetes security and observability correctly in your EKS environment.

In this office hours, you will get an understanding of how others in your industry are doing Kubernetes security and observability in AWS EKS, and with best practices that you can implement in your own organization.

    Solving PCI Compliance Challenges in Dynamic Kubernetes Environments

    Increased adoption of containers and cloud platforms has resulted in a proliferation of new security risks. The dynamic nature of Kubernetes can create challenges for organizations with PCI-DSS regulatory compliance requirements. To compound this challenge, developers and site reliability engineers are now being asked to secure the services they own despite having little prior experience or training in security best practices.

    Calico Enterprise and Calico Cloud can automate threat detection, minimize risk and help you successfully address PCI-DSS compliance requirements. Calico continuously monitors and logs Kubernetes environments for compliance purposes, helping DevOps as well as SOC teams maintain the security posture needed to get to production faster. And Calico’s common security model works with any public cloud service in a hybrid or multi-cloud configuration, any Kubernetes distribution, and with VMs and bare metals.

    In this webinar you will learn:

    • How Calico automates and simplifies PCI-DSS compliance monitoring, enforcement, and audit by tracking all policy changes and retaining a daily history of your compliance status
    • How Calico enables you to easily access audit reports showing the network security rules in place, and demonstrate proof of compliance for your security team and auditors
    • How Calico can help you streamline your compliance program with pre-defined compliance report formats, as well as a resource to create customized reports

      Hands-on workshop: Kubernetes observability design and implementation for any distro, any cloud and any application

      Deep dive hands-on workshop with a Calico expert to design and implement Kubernetes observability

      90-mins interactive lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on:

      – Run-time visualization of traffic flow and security policies
      – Service-level observability
      – DNS dashboards
      – Anomaly detection and live troubleshooting on a pod or collection of pods

      You will learn best practices that you can implement, and gain an understanding of how others in your industry are doing Kubernetes observability in AWS, Azure, GCP, and private cloud environments today.

      We have limited the number of participants for this workshop to ensure adequate attention can be given to each participant.

      Register now to reserve your spot!

        Hands-on workshop: Cyber Threat Protection Strategies & Tactics for Kubernetes

        Due to the ephermeral, dynamic and highly distributed nature of Kubernetes deployments, they are vulnerable to cyber attacks. In this interactive workshop a Kubernetes security expert will help you design how to protect Kubernetes environments from cyber threats. This 90-minute hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on how to implement:

        -Egress access controls & DNS policies to prevent unauthorized access
        -Microsegmentation to prevent lateral movement of cyber threats
        -Intrusion detection & prevention tactics

          Live Demo & Office Hours: Enable Self-Service Security for DevOps

          When a new microservice is added to a secure cluster, it must be deployed along with a security policy to enable the service to communicate with other services and APIs. Typically, a central control reviews or creates policies for every microservice deployment to avoid existing policies from being overwritten. This process doesn’t scale, and hampers development teams. Calico empowers Dev teams and SREs to make security policy changes on a self-service basis, by representing policies as code that is deployed alongside your applications and workloads. This dramatically improves the pace of app deployment into protected clusters.

          In this session, you will learn:
          – How Calico’s security policy-as-code approach fully automates the end-to-end app deployment process, including configuring any necessary security changes
          – How Calico policy tiers are used to visually define the order in which security policies are evaluated
          – How you can use Calico to automate validation steps that ensure your security policy works properly before being committed

            Live Demo & Office Hours: Amazon EKS Security and Observability

            As you design, deploy, and observe security and networking policies in an EKS environment, you will likely have questions. This 60-minute interactive session is designed to address your questions in real time and provide you with the information you need to implement Kubernetes security and observability correctly in your EKS environment.

            In this Live Demo & Office Hours, you will gain an understanding of how others in your industry are doing Kubernetes security and observability in AWS EKS, and will come away with best practices you can implement in your own organization.

              Live Demo & Office Hours: Amazon EKS Security and Observability

              As you design, deploy, and observe security and networking policies in an EKS environment, you will likely have questions. This 60-minute interactive session is designed to address your questions in real time and provide you with the information you need to implement Kubernetes security and observability correctly in your EKS environment.

              In this Live Demo & Office Hours, you will gain an understanding of how others in your industry are doing Kubernetes security and observability in AWS EKS, and will come away with best practices you can implement in your own organization.

                Live Demo & Office Hours: Extending Firewalls to Kubernetes

                Next-generation firewalls provide advanced security features such as live threat feeds, intrusion detection, and tools used by the security operations center to identify and resolve security incidents. Firewall rules are based on IP addresses to allow or deny traffic using a zone-based architecture. However, this model begins to break down in the dynamic environment of Kubernetes, where IP addresses are transient, and the static IP approach used in firewalls cannot be applied.

                In this Office Hours, you will learn:
                – How you can leverage your existing investment in firewalls and extend their familiar zone-based security architecture into the Kubernetes environment
                – How Calico can provide universal firewall integration through the Calico Egress Gateway
                – How you can use Calico to integrate with popular firewall managers like Fortinet FortiGuard and Palo Alto Networks Panorama

                  4-ways to quickly identify and troubleshoot service-level connectivity issues in Kubernetes clusters

                  Are you worried about your application’s overall health when running in a Kubernetes environment? Calico Cloud extends observability in your Kubernetes environment so you can get actionable answers.

                  In this 45 min webinar, you will learn from a real-world example how to do the following in your environments:

                  – Dynamically generate a service graph to understand how microservices are behaving and interacting with one another at runtime;

                  – Have customized views (aka Layers) to address your specific observability requirements;

                  – Generate shareable graphs with all required cross-organizational information to help teams collaborate; and

                  – Get a 360-degree visualization of communication covering namespaces, pods, and microservices

                  – Take corrective actions such as implementing security policy based on live observability

                   

                    Troubleshooting microservices in AWS and Calico for Kubernetes Environment

                    Join us to learn about what are most common Kubernetes security and observability challenges AWS users face for cloud-native applications. We will also go through how to observe, monitor, and address these issues for Cloud-native applications in AWS with Calico across the Kubernetes environment. In this session we will discuss:

                    – Speed up problem identification and troubleshooting with a live view of communication between namespaces, microservices, and deployments.
                    – DNS information categorized by microservices and workloads to determine whether DNS is the root cause for application connectivity issues.
                    – Detect and prevent anomalous behaviors such as attempts to access applications, restricted URLs, and scans for particular URLs.
                    – Reduce the time with live troubleshooting of service-to-service connectivity issues with Dynamic Packet Capture