$30 off During Our Annual Pro Sale. View Details »
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
DevOps Exchange London – Network Security at Monzo
Search
Oliver Beattie
January 26, 2017
Technology
0
250
DevOps Exchange London – Network Security at Monzo
Oliver Beattie
January 26, 2017
Tweet
Share
More Decks by Oliver Beattie
See All by Oliver Beattie
Anatomy of a Production Kubernetes Outage – Kubecon EU 2018
obeattie
4
4.6k
Building a Bank with Kubernetes – Kubecon 2016
obeattie
1
590
Building a Bank with Kubernetes – Kubernetes London Meetup, Autumn 2016
obeattie
10
47k
Other Decks in Technology
See All in Technology
アラフォーおじさん、はじめてre:Inventに行く / A 40-Something Guy’s First re:Invent Adventure
kaminashi
0
140
株式会社ビザスク_AI__Engineering_Summit_Tokyo_2025_登壇資料.pdf
eikohashiba
1
110
たまに起きる外部サービスの障害に備えたり備えなかったりする話
egmc
0
410
MySQLとPostgreSQLのコレーション / Collation of MySQL and PostgreSQL
tmtms
1
1.2k
AI with TiDD
shiraji
1
280
Oracle Database@AWS:サービス概要のご紹介
oracle4engineer
PRO
1
400
Oracle Database@Google Cloud:サービス概要のご紹介
oracle4engineer
PRO
1
760
Strands Agents × インタリーブ思考 で変わるAIエージェント設計 / Strands Agents x Interleaved Thinking AI Agents
takanorig
5
2.1k
20251203_AIxIoTビジネス共創ラボ_第4回勉強会_BP山崎.pdf
iotcomjpadmin
0
140
特別捜査官等研修会
nomizone
0
570
AIBuildersDay_track_A_iidaxs
iidaxs
4
1.3k
「もしもデータ基盤開発で『強くてニューゲーム』ができたなら今の僕はどんなデータ基盤を作っただろう」
aeonpeople
0
240
Featured
See All Featured
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
141
34k
Writing Fast Ruby
sferik
630
62k
Money Talks: Using Revenue to Get Sh*t Done
nikkihalliwell
0
120
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
659
61k
Faster Mobile Websites
deanohume
310
31k
Creating an realtime collaboration tool: Agile Flush - .NET Oxford
marcduiker
35
2.3k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
twada
PRO
115
93k
More Than Pixels: Becoming A User Experience Designer
marktimemedia
2
260
How to Talk to Developers About Accessibility
jct
1
85
The Straight Up "How To Draw Better" Workshop
denniskardys
239
140k
Side Projects
sachag
455
43k
Jess Joyce - The Pitfalls of Following Frameworks
techseoconnect
PRO
1
31
Transcript
Oliver Beattie @obeattie Head of Engineering, Monzo
None
None
None
None
None
Pre-application 9 months Application 6 months Mobilisation 4–8 months
Isolation Authentication
Isolation Authentication
k8s-master Availability Zone A Availability Zone B Availability Zone C
admin user data k8s-worker dmz
k8s-master Availability Zone A Availability Zone B Availability Zone C
k8s-worker dmz
None
None
+
apiVersion: extensions/v1beta1 kind: NetworkPolicy metadata: name: com.monzo.mastercard.proxy spec: podSelector: matchLabels:
stage: prod routing-name: com.monzo.mastercard.proxy ingress: - from: - podSelector: matchLabels: stage: prod routing-name: com.monzo.mastercard.processor ports: - protocol: tcp port: 80
“Cluster-aware” netfilter/iptables under the hood Filtering at “both ends” No
control over egress Only understands TCP/UDP Proxies
Isolation Authentication
Host A Host B Service A linkerd Service B linkerd
Host A Host B Service A linkerd Service B linkerd
Host A Host B Service A linkerd Service B linkerd
CA CA CA Vault
Secret management Message signing Transaction authorisation Secure build Audit logging
WAN tunnels
IPSec StrongSwan (IPSec) Hardware VPN device Services Services Services AWS
Co-location Third parties
monzo.com/careers
& Questions
@obeattie
obeattie
kaminashi
eikohashiba
egmc
tmtms
shiraji
oracle4engineer
takanorig
iotcomjpadmin
nomizone
iidaxs
aeonpeople
eileencodes
sferik
nikkihalliwell
lemiorhan
deanohume
marcduiker
twada
marktimemedia
jct
denniskardys
sachag
techseoconnect
