Tigera Events

AWS Dev Day: Hands-on EKS workshop for K8s security and observability

Topics:

Observability Security
Americas
October 21, 2021
10:00 am PDT

Explore Tigera Events

  • AVAILABILITY

  • CATEGORY

  • REGION

  • TOPIC

Deep dive hands-on workshop with a Calico expert to design and implement Kubernetes observability

90-mins interactive lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on:

  • Run-time visualization of traffic flow and security policies
  • Service-level observability
  • DNS dashboards
  • Anomaly detection and live troubleshooting on a pod or collection of pods

You will learn best practices that you can implement, and gain an understanding of how others in your industry are doing Kubernetes observability in AWS, Azure, GCP, and private cloud environments today.

We have limited the number of participants for this workshop to ensure adequate attention can be given to each participant.

Register now to reserve your spot!

    In this joint Microsoft and Tigera AKS-focused hands-on workshop for containers and Kubernetes security and observability, you will work with Microsoft and Calico experts to learn how to design, deploy, and observe security and networking policies in an AKS or Microsoft Azure environment. This 90-minute hands-on lab with your own provisioned AKS and Calico Cloud environment is designed to provide more complete knowledge on how to implement:

    • Pod-based workload access controls
    • DNS as a policy
    • Live troubleshooting with Dynamic Service Graph and Dynamic Packet Capture
    • Compliance and reporting (PCI, SOC2 and CIS benchmarks)

    You will come away from this workshop with an understanding of how others in your industry are doing security and observability for containers and Kubernetes in Microsoft AKS, and with best practices that you can implement in your own organization.

    We have limited the number of participants for this workshop to ensure adequate attention can be given to each participant.

    Register now to reserve your spot!

     

      In this EKS-focused workshop for Kubernetes security and observability, you will work with a Calico and AWS expert to learn how to design, deploy, and observe security and networking policies in an EKS environment. This 90-minute hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on how to implement:

      • Access controls
      • DNS policy
      • Dynamic Service Graph
      • Compliance and reporting
      • Observability and troubleshooting

      You will come away from this workshop with an understanding of how others in your industry are doing Kubernetes security and observability in AWS EKS, and with best practices that you can implement in your own organization.

      We have limited the number of participants for this workshop to ensure adequate attention can be given to each participant.

      Register now to reserve your spot!

        Without proper security controls, containers and Kubernetes become an ideal target for attackers. In this workshop, a Kubernetes security expert will show you how to design policies to securely and granularly control workload access between Kubernetes clusters and external resources like APIs and applications.

        This 90-minute, hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on how to:

        • Author DNS policies that implement fine-grained access controls between an individual pod or namespace and external services
        • Specify the CIDR IPs to use in a network policy, and eliminate the need to manually update all the access control policies when one end of the communication is a large set of CIDR IPs
        • Build a common segmentation model through a unified policy framework that works across all of your environments, and segments workloads including bare metal, hosts, VMs, containers, and microservices

          Rolling out an application without appropriate access controls can expose the business to multiple risks that include:

          • Unauthorized access to applications and data
          • Exposure of sensitive data, such as personally identifiable information (PII)
          • Non-compliance with corporate and industry regulations
          • Potential introduction of malware and ransomware

          In this webinar we will explore how you can accelerate your application modernization journey and integrate container and Kubernetes workloads with external APIs, applications, databases and public clouds without compromising any requirements for security or compliance.

          Calico provides you with three methods to enable fine-grained access controls between your Kubernetes environment and external resources such as databases, cloud services, APIs, and other applications that are protected behind a firewall.

          • Egress Gateway – Enforce workload access controls from a firewall outside the cluster
          • DNS Policy – Enforce workload access controls from within the cluster
          • Network Sets: Global and Namespaced – Apply policy and CIDR ranges to control traffic going to or coming from external, non-Calico networks

            In this EKS-focused hands-on workshop for containers and Kubernetes security and observability by AWS and Tigera, you will work with AWS and Calico experts to learn how to design, deploy, and observe security and networking policies in an EKS or AWS EC2 environment. This 90-minute hands-on lab with your own provisioned EKS and Calico Cloud environment is designed to provide more complete knowledge on how to implement:

            – Pod-based workload access controls
            – DNS as a policy
            – Live troubleshooting with Dynamic Service Graph and Dynamic Packet Capture
            – Compliance and reporting (PCI, SOC2 and CIS benchmarks)

            You will come away from this workshop with an understanding of how others in your industry are doing security and observability for containers and Kubernetes in AWS EKS, and with best practices that you can implement in your own organization.

            We have limited the number of participants for this workshop to ensure adequate attention can be given to each participant.

            Register now to reserve your spot!

              In this EKS-focused workshop for Kubernetes security and observability, you will work with a Calico and AWS expert to learn how to design, deploy, and observe security policies in an EKS environment. This 90-minute hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on how to implement:

              – Workload access controls
              – DNS policy
              – Live visualization with Dynamic Service Graph
              – Compliance and reporting
              – Observability and troubleshooting

              You will come away from this workshop with an understanding of how others in your industry are doing Kubernetes security and observability in AWS EKS, and with best practices that you can implement in your own organization.

              We have limited the number of participants for this workshop to ensure adequate attention can be given to each participant.

              Register now to reserve your spot!

                Kubernetes workloads are highly dynamic, ephemeral, and are deployed on a distributed and agile infrastructure. As a result, faster troubleshooting Kubernetes workload is challenging. Teams require better visibility, the contextual information of their different microservices, their dependencies, how they are interconnected, and which other clients and applications access them.In this session we will walk you through the must-have steps to do faster troubleshooting:

                – Live view of communication between namespaces, microservices, and deployments.
                – Leverage contextual and correlated data to determine root cause for application connectivity.
                – Kubernetes-native way to capture packets from a specific pod or collection of pods with specified packet sizes and duration
                – Preview, stage and deploy the solution

                  A deep-dive interactive workshop with a Calico expert who will help you to design your next step in Kubernetes security. This 90-minute hands-on lab with your own provisioned Calico Cloud environment is designed to provide more complete knowledge on how to implement:

                  • Workload access controls
                  • DNS policies
                  • Dynamic Service Graph
                  • Logging
                  • Compliance

                  You will come away from this workshop with an understanding of how others in your industry are doing Kubernetes security and observability in AWS, Azure, GCP, and private cloud environments, and with best practices that you can implement in your own organization.”

                  We have limited the number of participants for this workshop to ensure adequate attention can be given to each participant.

                  Register now to reserve your spot!

                    With the growth in the Kubernetes environment, teams grapple with various networking, security, and troubleshooting challenges. For example:

                    Networking

                    • Network encapsulation or routable IPs
                    • Prevent IP exhaustion
                    • Security-as-policy and data-in-transit encryption

                    Security

                    • Workload access controls
                    • Cluster-based vs node-based vs pod-based
                    • Micro-segmentation
                    • Build threat detection and prevention
                    • IP address and domain name threat feeds
                    • DNS-based attacks and defense

                    Troubleshooting

                    • Live visualization with Dynamic Service Graph
                    • In-line data aggregation and correlation
                    • Dynamic Packet Capture

                    Join this webinar, to learn the high-level container and Kubernetes networking decision tradeoffs, and best practices for securing, monitoring, and troubleshooting your cloud environment derived from the feedback of hundreds of Calico users.