Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevOps Exchange London – Network Security at Monzo
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Oliver Beattie
January 26, 2017
Technology
0
250
DevOps Exchange London – Network Security at Monzo
Oliver Beattie
January 26, 2017
Tweet
Share
More Decks by Oliver Beattie
See All by Oliver Beattie
Anatomy of a Production Kubernetes Outage – Kubecon EU 2018
obeattie
4
4.6k
Building a Bank with Kubernetes – Kubecon 2016
obeattie
1
590
Building a Bank with Kubernetes – Kubernetes London Meetup, Autumn 2016
obeattie
10
47k
Other Decks in Technology
See All in Technology
OCI Database Management サービス詳細
oracle4engineer
PRO
1
7.4k
Context Engineeringの取り組み
nutslove
0
360
Embedded SREの終わりを設計する 「なんとなく」から計画的な自立支援へ
sansantech
PRO
3
2.5k
CDKで始めるTypeScript開発のススメ
tsukuboshi
1
480
今日から始める Amazon Bedrock AgentCore
har1101
4
410
Context Engineeringが企業で不可欠になる理由
hirosatogamo
PRO
3
620
プロダクト成長を支える開発基盤とスケールに伴う課題
yuu26
4
1.3k
Oracle AI Database 移行・アップグレード勉強会 - RAT活用編
oracle4engineer
PRO
0
100
20260204_Midosuji_Tech
takuyay0ne
1
160
顧客との商談議事録をみんなで読んで顧客解像度を上げよう
shibayu36
0
260
Agile Leadership Summit Keynote 2026
m_seki
1
650
量子クラウドサービスの裏側 〜Deep Dive into OQTOPUS〜
oqtopus
0
130
Featured
See All Featured
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
55
3.2k
Exploring the relationship between traditional SERPs and Gen AI search
raygrieselhuber
PRO
2
3.6k
Lessons Learnt from Crawling 1000+ Websites
charlesmeaden
PRO
1
1.1k
Making Projects Easy
brettharned
120
6.6k
The innovator’s Mindset - Leading Through an Era of Exponential Change - McGill University 2025
jdejongh
PRO
1
93
Reflections from 52 weeks, 52 projects
jeffersonlam
356
21k
A brief & incomplete history of UX Design for the World Wide Web: 1989–2019
jct
1
300
実際に使うSQLの書き方 徹底解説 / pgcon21j-tutorial
soudai
PRO
196
71k
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
54k
GraphQLとの向き合い方2022年版
quramy
50
14k
Navigating Algorithm Shifts & AI Overviews - #SMXNext
aleyda
0
1.1k
職位にかかわらず全員がリーダーシップを発揮するチーム作り / Building a team where everyone can demonstrate leadership regardless of position
madoxten
57
50k
Transcript
Oliver Beattie @obeattie Head of Engineering, Monzo
None
None
None
None
None
Pre-application 9 months Application 6 months Mobilisation 4–8 months
Isolation Authentication
Isolation Authentication
k8s-master Availability Zone A Availability Zone B Availability Zone C
admin user data k8s-worker dmz
k8s-master Availability Zone A Availability Zone B Availability Zone C
k8s-worker dmz
None
None
+
apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: name: com.monzo.mastercard.proxy spec: podSelector: matchLabels:
stage: prod routing-name: com.monzo.mastercard.proxy ingress: - from: - podSelector: matchLabels: stage: prod routing-name: com.monzo.mastercard.processor ports: - protocol: tcp port: 80
“Cluster-aware” netfilter/iptables under the hood Filtering at “both ends” No
control over egress Only understands TCP/UDP Proxies
Isolation Authentication
Host A Host B Service A linkerd Service B linkerd
Host A Host B Service A linkerd Service B linkerd
Host A Host B Service A linkerd Service B linkerd
CA CA CA Vault
Secret management Message signing Transaction authorisation Secure build Audit logging
WAN tunnels
IPSec StrongSwan (IPSec) Hardware VPN device Services Services Services AWS
Co-location Third parties
monzo.com/careers
& Questions
@obeattie
obeattie
oracle4engineer
nutslove
sansantech
tsukuboshi
har1101
hirosatogamo
yuu26
takuyay0ne
shibayu36
m_seki
oqtopus
tammyeverts
raygrieselhuber
charlesmeaden
brettharned
jdejongh
jeffersonlam
jct
soudai
destraynor
quramy
aleyda
madoxten
