Slide 1

Slide 1 text

1 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY

Slide 2

Slide 2 text

2 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Product Overview, Strategy, and Roadmap Update November 2022 THE CLOUD CONNECTIVITY COMPANY

Slide 3

Slide 3 text

3 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 3 The following slides may contain information related to upcoming products, features and functionality. The content is presented for informational purposes only and subject to change or delay without notice. The development, release and timing of products, features or functionality are at the sole discretion of Kong Inc.

Slide 4

Slide 4 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 4 Become Agile DevOps, GitOps, CI/CD, IaC Go Cloud Native Modernize & Migrate { REST } Microservices Mesh Serverless Monolith SOAP Unlock New Use Cases Real-time, IoT, and beyond IoT Real-time Omnichannel AI / ML Mobile Customer 360

Slide 5

Slide 5 text

The Future of Software is Distributed APIs & Microservices Are Increasing Exponentially 65% 87% 100%+ Increasing investment in APIs and Microservices1 Will fall behind if they fail to adopt APIs and Microservices2 YoY growth of APIs and Microservices worldwide3 1 Mckinsey CIO Survey 2 Vanson Bourne 3 Gartner Research

Slide 6

Slide 6 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 6 Exploding APIs = Reliability Challenges NETWORK TRAFFIC L4/L7 FUTURE 2002 WE’RE ONLY HERE! 2022 APIS AND MICROSERVICES

Slide 7

Slide 7 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 7 SOAP & REST Edge Monolithic Baremetal, VMs Data Center PROTOCOLS CONNECTIVITY PATTERNS APPLICATION TYPES PLATFORMS ENVIRONMENTS APIs Have Evolved, Legacy API Management Hasn’t # OF SERVICES AND AGILE TEAMS CONTROL AND VISIBILITY LEGACY TECH STACK REST, gRPC, GraphQL, Kafka Ingress, Service Mesh Microservices, Serverless Containers, Kubernetes Multi-region, Multi-cloud, Hybrid MODERN TECH STACK

Slide 8

Slide 8 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 8 Kong Enterprise Kong Mesh Kong Insomnia Kong Konnect The Kong API Platform - E2E APIm platform - Kong API Gateway - Apps: Portal and Vitals - 100% self-managed (on-prem) - SaaS E2E APIm platform - Kong API Gateway - Apps: Portal, Vitals, ServiceHub and Runtime Manager - Cloud control plane - and apps, self- - managed data - planes - Easy to use and operate service mesh - Built on Kuma CNCF project - Most popular OSS API developer tool - Browse, design, and test APIs - Integrated into Kong Enterprise and Kong Konnect via APIOps

Slide 9

Slide 9 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 9 Kong Enterprise Kong Mesh Kong Insomnia Kong Konnect (Cloud) Kong API Gateway Service Mesh API Explorer API Designer API Testing Platform Platform Portal Vitals Portal Service Hub Vitals Runtime Manager K8s Ingress Controller Kong Manager Community and Enterprise Plugins The Kong API Platform Outside of the scope of this presentation Inso CLI AuthN / AuthZ decK CLI Self-managed (i.e. on-prem) Kong hosted (i.e. cloud/saas)

Slide 10

Slide 10 text

10 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Decentralization and Automation with APIOps - Infra as code/config ⇔ API - 🥕 vs 🏒 governance - Enables speed, reliability, and re-use - Enables distributed autonomy with control - Benefits all: Devs, Architects, Operators

Slide 11

Slide 11 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 11 Kong Enterprise Kong Mesh Kong Insomnia Kong Konnect (Cloud) Kong API Gateway Service Mesh API Explorer API Designer API Testing Platform Platform Portal Vitals Portal Service Hub Vitals Runtime Manager K8s Ingress Controller Kong Manager Community and Enterprise Plugins First stop ⇒ The Kong API Gateway Inso CLI AuthN / AuthZ decK CLI decK CLI

Slide 12

Slide 12 text

12 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 12 Kong Gateway - 🌍 most 😍 API gateway - Thriving OSS community - 100% API/declarative config driven - Multi-🌥 and multi-protocol - 🚀 performance - Rich OOTB plugin ecosystem Today 2.7 (Dec) ● Secret Management P1 ● Consumer Groups ● KM OIDC Wizard 2.8 (Mar) ● FIPS-2 ● Secret management (Beta) 3.0 (Sep) ● Router optimization ● Plugin ordering ● Secret manager-GA 3.1 (Dec) ● SAML2 ● OAS validation ● AppDynamics ● Datadog

Slide 13

Slide 13 text

13 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 13 API Product Tiers with Consumer Groups Event Gateway with Kafka Plugin API AutN via OIDC and mTLS Secret Management - AWS, GCP, Vault FIPS 140-2 Validated Powerful GraphQL Enhancement Advanced Data Transformation - jQ, Config OPA Policy driven Traffic Mgmt Developer Speed with API Mocking Highlights of Kong Gateway Enterprise Cloud-Native Connectivity Capabilities FIPS 140-2 API

Slide 14

Slide 14 text

14 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 14 Kong Gateway 3.0 Core Performance - Resource optimizations - More scalable inter-worker communication Event and Timer New Route Optimization - Configuration local persistence - Improved performance Fake Nginx request Timer coroutine Timer library worker http-log flush request http-log flush request http-log flush request http-log flush request http-log flush request - New Router object - More powerful Routes - Lay the foundation for incremental configuration change

Slide 15

Slide 15 text

15 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 15 Kong Gateway 3.0 Plugins Secret Management (GA) - Modify the default plugin execution order - Without the need to change plugin code - No need to package another version of the same plugin with different priority value Plugin Ordering Open Telemetry-Tracing - Support open telemetry - Instrumentation of trace and span - Hashi Vault and AWS Secret Manager integration - Referenceable secrets for more secure deployments - Used in custom and bundled plugins

Slide 16

Slide 16 text

16 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 16 Kong Gateway Flagship Features LMDB New Route Optimization Plugin Ordering Secrets Management Websocket Support FIPS 140-2 Kong Manager 3.0 LDAP Group Authentication OpenTelemetry New Router UBI + Slim Images

Slide 17

Slide 17 text

17 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 17 Kong Gateway Flagship Features LMDB New Route Optimization Plugin Ordering Websocket Support FIPS 140-2 LDAP Group Authentication UBI + Slim Images Secrets Management Kong Manager 3.0 OpenTelemetry New Router

Slide 18

Slide 18 text

18 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY New Router 18

Slide 19

Slide 19 text

19 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY ■ Kong Gateway 3.0 ships with a new router ■ The router is what helps Kong decide which upstream to forward inbound requests to ■ The new router can be used in traditional-compatible mode, or using a new expression based language What is it? 19

Slide 20

Slide 20 text

20 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 20 ■ Comparable performance for commonly used scenarios ■ Incremental rebuilds ○ By leveraging efficient data structures instead of function closures for matching optimization ■ More expressive format ○ Reduced cardinality ○ Reduced expensive regexs ■ Unified implementation for all users ○ Kong DP, Koko, Kong Manager, … Design Goals

Slide 21

Slide 21 text

21 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY A DSL-based approach "protocols": ["http", "https"], "methods": ["GET", "POST"], "hosts": ["example.com" , "foo.test"], "paths": ["/foo", "/bar"], "headers": {"x-another-header":["bla"], "x-my-header":["foo", "bar"]}, 2.x 3.x (net.protocol == "http" || net.protocol == "https") && (http.method == "GET" || http.method == "POST") && (http.host == "example.com" || http.host == "foo.test") && (http.path ^= "/foo" || http.path ^= "/bar") && http.headers.x_another_header == "bla" && (http.headers.x_my_header == "foo" || http.headers.x_my_header == "bar") 21

Slide 22

Slide 22 text

22 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 22 ■ Reduced router rebuild time when changing Kong’s configuration ○ Reduced P99 latency from 1.5s to 0.1s with 10,000 routes ■ Powerful routing language that can handle complex routing requirements ■ Increased runtime performance when routing requests Business Benefit

Slide 23

Slide 23 text

23 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY OpenTelemetry 23

Slide 24

Slide 24 text

24 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 24 ■ OpenTelemetry (OTel) is a collection of tools, APIs and SDKs to instrument, collect and export telemetry data for your software ■ Use it to understand what your software is doing, how it’s performing and where time is being spent during execution What is it?

Slide 25

Slide 25 text

25 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 25 ■ Allows DevOps and SRE teams to understand where time is being spent when running Kong Gateway to help tune performance ■ Provides a Plugin Development Kit (PDK) to enable customers to instrument their own custom plugins Business Benefit

Slide 26

Slide 26 text

26 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Kong Manager 26

Slide 27

Slide 27 text

27 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 27 ■ Kong Manger is a UI that we provide to help customers configure and monitor their Kong deployment ■ Kong Manager 3.0 ships a new design and improved user experience (including more tooltips) What is it?

Slide 28

Slide 28 text

28 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 28

Slide 29

Slide 29 text

29 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Secrets Management 29

Slide 30

Slide 30 text

30 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 30 ■ Store sensitive information in external vaults, such as AWS Secrets Manager, Google Cloud Secrets Manager or Hashicorp Vault ■ Secrets can be used for any kong.conf value, and specific plugins (with more being added each release) ■ Automatic secret rotation is supported for some values (such as Postgres password) What is it?

Slide 31

Slide 31 text

31 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 31 ■ Ensure these Sensitive Keys used in Kong Deployments are: ○ Secrets are not inadvertently visible throughout Kong’s platform (e.g decK configurations, logs, Manager UIs) which may lead to unauthorized access. ○ Secrets can be securely stored, tightly controlled and are auditable by IT organizations ■ Move from “Secret Sprawl” to Centralization ○ Customers can leverage their own centrally managed secret management infrastructure to ensure sensitive information necessary for Gateway operations is up-to-date and adheres to IT security policies Business Benefit

Slide 32

Slide 32 text

32 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 32 1) Use pre-built “Connectors” to AWS Secret Manager, Hashicorp Vault and Google Cloud Secret Manager 2) Reference secrets using a simple and intuitive variable used throughout Kong configurations: {vault://driver/secret/path} 3) Automatically resolve secrets on Kong Data Planes whose secret values only exist in memory and are obfuscated throughout the deployment. Key Features

Slide 33

Slide 33 text

33 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Architecture 33

Slide 34

Slide 34 text

34 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY – Original Timer – Timer library 34 Timer Library Make Callback Functions Scalable

Slide 35

Slide 35 text

35 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY wrk -c 10000 -t 36 -d 3m --latency http://localhost:8080 35 Events Library Improved inter-worker communication

Slide 36

Slide 36 text

36 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 36 New Storage Engine for Hybrid and DB-less LMDB

Slide 37

Slide 37 text

37 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 37 Kong Gateway 3.1 (ETA: End of November) Headless Scale-out - On-demand granularity control of logs for Day 2 operations. Dynamic Log Level Changes More OOTB Plugins - AppDynamics and Datadog - SAML 2.0 Authentication - JWT Encryption & Decryption - Open API Spec validation - XML threat-protection - - DPs can scale out even with no connection to Control Plane - DPs can navigate your forward proxies

Slide 38

Slide 38 text

38 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY - Token based authentication - Gateway 3.0 plugin ordering and secret management support 38 decK Command Line Interface - Configure Kong gateways - Configure Konnect runtime groups - Drift detection, backup and restore - Distributed configuration Today Roadmap Roadmap kong.yaml _format_version: '1.1' services: - name: Mockbin host: mockbin.org port: 443 protocol: https retries: 3 read_timeout: 60000 write_timeout: 60000 routes: - name: endpoint1 paths: - /endpoint1 preserve_host: false protocols: - http - https regex_priority: 0 strip_path: true plugins: - name: acl enabled: true

Slide 39

Slide 39 text

39 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 39 Kong Kubernetes Ingress Controller - Kong API Gateway 💪 via K8s CRDs - Kubernetes Gateway API support - Integrated Prometheus metrics - Plugin-in Istio gateway support - Kong Gateway Operator - Konnect Platform integrations - Create svc in portal from k8s - Create Gateways directly from Konnect Today Roadmap

Slide 40

Slide 40 text

40 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 40 Kong Gateway Looking Beyond 3.0

Slide 41

Slide 41 text

41 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Other Runtimes KONG GATEWAY WasmX - Multi-language connectivity support ● Write Connectivity Logic in a WASM supported language ● Compile to WASM and run on any WASM supported runtime layer ● Go, Rust, and JavaScript are P1 WASM CONNECTIVITY RUNTIME LAYER KONG MESH Side-car Logic Edge Traffic Logic Edge Traffic Logic

Slide 42

Slide 42 text

42 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Project Kayak (Internal Name) {"Geeks":[ { "firstName":"Vivek", "lastName":"Kothari" }, { "firstName":"Suraj", "lastName":"Kumar" }, { "firstName":"John", "lastName":"Smith" }, { "firstName":"Peter", "lastName":"Gregory" } ]} Vivek Kothari Suraj Kumar John Smith Peter Gregory input to json KScript GATEWAY MESH Compiled to

Slide 43

Slide 43 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 43 Kong Konnect (Cloud) Kong Enterprise Kong Mesh Kong Insomnia Kong API Gateway Service Mesh API Explorer API Designer API Testing Platform Platform Portal Vitals Portal Service Hub Vitals Runtime Manager K8s Ingress Controller Kong Manager Community and Enterprise Plugins Next ⇒ Kong Konnect complements the 🌍 most 😍 API gateway Inso CLI AuthN / AuthZ decK CLI decK CLI

Slide 44

Slide 44 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 44 Traffic

Slide 45

Slide 45 text

45 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Decentralization and Automation with APIOps - Infra as code/config ⇔ API - 🥕 vs 🏒 governance - Enables speed, reliability, and re-use - Enables distributed autonomy with control - Benefits all: Devs, Architects, Operators

Slide 46

Slide 46 text

46 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Federated Governance at Scale RUNTIME FUNCTIONALITY USERS Kong Gateway Kong Mesh Kong Ingress Controler Portal Runtime ServiceHub Vitals Insomnia OPERATORS ENTERPRISE ARCHITECTS DEVELOPERS App Team 1 App Team 2 App Team 3

Slide 47

Slide 47 text

Kong Proprietary and Confidential Kong Konnect Fastest SaaS API platform for multi-cloud environments SaaS-based control plane accelerates deployments and offers expanded APIOps & Full-Lifecycle applications Self-managed runtimes provide flexibility for any hybrid or multi-cloud deployment pattern Gateway Gateway Global Management Plane ServiceHub Runtime Manager Vitals Developer Portal Kong Insomnia* * Kong Insomnia is a Kong product that integrates natively with Kong Konnect.

Slide 48

Slide 48 text

THE CLOUD CONNECTIVITY COMPANY Kong Confidential 48 Konnect Platform - Fine grained teams and role assignment - Generic IdP OIDC federation - Multi-Geo (US & EU) - Personal Access Tokens - Multi-Geo (Australia, Japan) - Next generation platform APIs - Audit logs, Social Login Today Roadmap

Slide 49

Slide 49 text

THE CLOUD CONNECTIVITY COMPANY Kong Confidential 49 Runtime Manager - Multi-cluster Management - Runtime groups: SaaS-delivered “virtual” gateway control planes - Kong Gateway 3.0 - Mixed-version runtime groups - Self-service custom certificates management - API & UI support for consumer groups + secret management - Cloud runtime launchers - include GCP Today Roadmap

Slide 50

Slide 50 text

THE CLOUD CONNECTIVITY COMPANY Kong Confidential 50 Service Hub - Connectivity Registry of Record - Support for Kong & non-Kong services - Versioning and documentation - Streamlined Runtime Manager integration - Contextual insights - Non-Gateway Cataloging Roadmap Today

Slide 51

Slide 51 text

THE CLOUD CONNECTIVITY COMPANY Kong Confidential 51 Developer Portal - Publish your APIs - Customizable - domain, style, templates - Flexible documentation content - Application registration workflows - Multi-version support & version lifecycle - Published administration APIs - Code Level Frontend customization - Portal teams & permissions for content access control Today Roadmap

Slide 52

Slide 52 text

THE CLOUD CONNECTIVITY COMPANY Kong Confidential 52 Analytics - Business API Analytics - Throughput, latency, error rate by route, service, or application - Available in context of service or raw report - Ability to create custom reports - 360 data exploration - Consumer analytics - Custom dashboards Today Roadmap

Slide 53

Slide 53 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 53 Kong Konnect (Cloud) Kong Enterprise Kong Mesh Kong API Gateway Service Mesh Platform Platform Portal Vitals Portal Service Hub Vitals Runtime Manager K8s Ingress Controller Kong Manager Community and Enterprise Plugins Next ⇒ Insomnia the 🌍 most 😍 OSS API developer tool AuthN / AuthZ decK CLI decK CLI Kong Insomnia API Explorer API Designer API Testing Inso CLI

Slide 54

Slide 54 text

54 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 54 Insomnia - Overview - Support for REST, gRPC, and graphQL APIs - Sync and git integration for collaboration - Publish OpenAPI specs to Dev Portal - CLI companion for APIOps in CI/CD - Debug and test Websocket APIs - Login with GitHub and Google - More collaboration with invite flows - RBAC and SSO with Konnect as backend Today Roadmap

Slide 55

Slide 55 text

Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 55 Kong Konnect (Cloud) Kong Enterprise Kong API Gateway Platform Platform Portal Vitals Portal Service Hub Vitals Runtime Manager K8s Ingress Controller Kong Manager Community and Enterprise Plugins Next ⇒ Kong Mesh - Easy to use, powerful, and based on Kuma AuthN / AuthZ decK CLI decK CLI Kong Insomnia API Explorer API Designer API Testing Inso CLI Kong Mesh Service Mesh

Slide 56

Slide 56 text

56 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 56 Kong Mesh - Overview - 15+ service mesh policies - Multi-cluster/cloud, K8s and VMs - Cross-Kong Mesh Communication - Native integration with Kong Gateway - Expanded policies (Policy Selectors 2.0) - eBPF CNI - RBAC Auditing - Mesh Gateway GA Today Roadmap

Slide 57

Slide 57 text

57 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Oct - Dec: 75% Most Likely Kong Gateway or Kong Enterprise Kong Konnect Kong Insomnia Jan - March: 60% Likely SAML 2.0 Plugin Multi-geo support: Australia Gateway: Secret Mgmt & Consumer Groups Developer & application analytics Kong Manager 3.0 Ongoing Improvements Response Schema Validation FIPS Compliance - Plugins Identity and Runtime Group APIs Konnect Platform Konnect Developer Portal Insomnia Kong Gateway and Kong Ingress Controller Multi-runtime Groups App Reg Multi-geo support AU Cloud Application Rewrite + Refactoring API - Needed for Vision24 Social and EE SSO Invite Flows Dynamic client registration Service Doc Mgmt. Platform APIs AppDynamic Plugin Data Dog Advanced Plugin XML Threat Protection Headless DP Scale-out Dynamic log level changes KIC ⇔ Konnect Integration Contextual API documentation Mocking RBAC Runtime cert mgmt & proxy support Self-managed custom plugins Custom dashboards & drill-down Platform audit logs Cloud Launcher Beta, Gateway 3.1, Runtime UI enhancements RBAC for Portal Content Support for Azure Vault Overall End-to-End Experience Improvements (Key Plugins, APIOps, …)

Slide 58

Slide 58 text

58 Thanks for listening!

Slide 59

Slide 59 text

59 Appendix - Kong Mesh additional Slides

Slide 60

Slide 60 text

60 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY 60 Next 6 months Beyond eBPF - iptables lookup leveraging eBPF Serverless - AWS Lambda support RBAC Auditing - Exact logs of changes SSO - For API and UI Authentication Cross Mesh Discovery - Istio (& other mesh) integrations Top policies - More policies as requested by customers and community (see next slide)

Slide 61

Slide 61 text

61 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Kong Mesh Policies Roadmap FY 22 SECURITY PROTOCOLS DEPLOYMENT & POLICIES Certificate Rotation Extensible CAs CA Rotation Vault PKI Integration CP Auditing [1] DP Auditing [1.1] FIPS-140 Encryption Additional PKIs OIDC GUI EAR* Secrets [2] EAR* All Resources [2] Universal RBAC Multi-Zone AuthN PKI Compliance Reports DONE DONE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE ENTERPRISE DONE DONE DONE CUSTOMER-INFLUENCED IMPLEMENTED IN K8S MODE [1] On K8s via Webhooks [1.1] Envoy configuration [2] Encryption At Rest L4 Routing L4 Traffic Permission L4 Traffic Log L4 Traffic Metrics HTTP Traffic Trace L7 Traffic Routing L7 Traffic Perm. Kafka Traffic Routing Kafka Traffic Perm. Hybrid Mode Security gRPC Routing gRPC Traffic Perm. DONE DONE ENTERPRISE DONE DONE DONE ENTERPRISE ENTERPRISE DONE DONE Simple Universal Hybrid Universal Hybrid Universal DNS Topology GUI UBI Images AWS ECS & Fargate Fault Injection OPA Traffic Mirror Adaptive Routing WASM Filters Rate Limiting Windows Support DONE DONE DONE ENTERPRISE DONE DONE DONE ENTERPRISE ENTERPRISE 2.x PROXY TEMPLATE DONE DONE DONE DONE DONE 2.x 2.x 2.x ENTERPRISE DONE ENTERPRISE 2.x IMPLEMENTED IN K8S MODE

Slide 62

Slide 62 text

62 Kong Proprietary and Confidential THE CLOUD CONNECTIVITY COMPANY Decentralization and Automation with APIOps - Infra as code/config ⇔ API - 🥕 vs 🏒 governance - Enables speed, reliability, and re-use - Enables distributed autonomy with control - Benefits all: Devs, Architects, Operators

Slide 63

Slide 63 text

63 Appendix - Kong ⇔ NeoSec

Slide 64

Slide 64 text

SERVICEHUB PORTAL ANALYTICS RUNTIME MANAGER Enterprise Architects Enable re-use and manage cross-app concerns DEPLOY External Developers Operators DISCOVER PUBLISH TO A MANAGE A A REGISTERED TOA

Slide 65

Slide 65 text

SERVICEHUB PORTAL ANALYTICS RUNTIME MANAGER Enterprise Architects & InfoSec Enable re-use and manage cross-app concerns DEPLOY External Developers Operators DISCOVER PUBLISH TO A MANAGE A A REGISTERED TOA DISCOVERY SECURITY STRENGTHEN SECURITY

Slide 66

Slide 66 text

SERVICEHUB PORTAL ANALYTICS RUNTIME MANAGER Enterprise Architects & InfoSec Enable re-use and manage cross-app concerns DEPLOY External Developers Operators PUBLISH TO A MANAGE A A REGISTERED TOA DISCOVERY SECURITY STRENGTHEN SECURITY

Slide 67

Slide 67 text

Oct - Dec: 75% Most Likely Kong Gateway or Kong Enterprise Kong Konnect Kong Insomnia Jan - March: 60% Likely SAML 2.0 Plugin Multi-geo support: Australia Gateway: Secret Mgmt & Consumer Groups Developer & application analytics Kong Manager 3.0 Ongoing Improvements Response Schema Validation FIPS Compliance - Plugins Workspaces Config Scoping Identity and Runtime Group APIs Konnect Platform Konnect Developer Portal Insomnia Kong Gateway and Kong Ingress Controller Multi-runtime Groups App Reg Multi-geo support EU Cloud Application Rewrite + Refactoring API - Needed for Vision24 Social and EE SSO Invite Flows Dynamic client registration Service Doc Mgmt. Platform APIs AppDynamic Plugin Data Dog Advanced Plugin XML Threat Protection Headless DP Scale-out Dynamic log level changes KIC ⇔ Konnect Integration Contextual API documentation Mocking RBAC Runtime cert mgmt & proxy support Self-managed custom plugins Custom dashboards & drill-down Platform audit logs Cloud Launcher Beta, Gateway 3.1, Runtime UI enhancements RBAC for Portal Content Support for Azure Vault Overall End-to-End Experience Improvements (Key Plugins, APIOps, …)