Slide 1

Slide 1 text

A PRIMER ON HOW TO SECURE EDGE COMPUTE

Slide 2

Slide 2 text

Kerim Satirli, Sr. Developer Advocate at HashiCorp, he / him, @ksatirli

Slide 3

Slide 3 text

41 : 02

Slide 4

Slide 4 text


Slide 5

Slide 5 text

Cloud Edge ☁

Slide 6

Slide 6 text

edge com·put·ing (noun)
computing that takes place at or near the physical location of the producer or consumer of data.
Similar: point of presence, mobile datacenter

Slide 7

Slide 7 text

Challenges
▪ trackers must be easy to enroll
▪ trackers can break
▪ rogue trackers lead to bad data
▪ trackers identify people

Slide 8

Slide 8 text

Challenges
▪ instances must be easy to enroll
▪ instances can break
▪ rogue instances lead to bad data
▪ instances identify services

Slide 9

Slide 9 text

Challenge: Enrollment

On-shore
▪ establish trust between network and device
▪ ensure device works
▪ disable (without removing) device in network gateway

Off-shore
▪ establish allowlist
▪ re-enable previously activated device
▪ ensure device works

Slide 10

Slide 10 text

Challenge: Enrollment

device_id         11569343838664
device_rev        v1
device_key        vault:v1:Ajxr/3+mxye8d0tQWoGMlBkf3XW5aDjz+Pobt0Y2uzmfs6E=
device_activated  TRUE
device_state      2x5

Slide 11

Slide 11 text

= Challenge: Identification

Slide 12

Slide 12 text

Challenge: Replacement

employee_id         A.643838.X3
employee_team_id    A.589
device_id           11569343838664
device_link_date    1691514302
previous_device_id  11569343838663

Slide 13

Slide 13 text

Ingress Protection
▪ mutual TLS for gateway-to-cloud
▪ transform sanitized data to make it actionable
▪ inspect payload for rogue tracker data
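
One way to implement the "inspect payload for rogue tracker data" step, as an added example that is not from the talk: each reading is checked against the enrollment fields from the Challenge: Enrollment slide and the link from the Challenge: Replacement slide. The payload shape, the second registry entry, the function name and the rule that a replaced device id is rejected are assumptions.

```python
# Added illustration; not code from the talk.
# Field names follow the slides. The second registry entry, the payload
# shape and every reading below are constructed sample data.
REGISTRY = {
    "11569343838664": {"device_rev": "v1", "device_activated": True},
    "11569343838670": {"device_rev": "v1", "device_activated": False},  # disabled, not removed
}
# device_id -> previous_device_id, taken from the replacement record
REPLACEMENTS = {"11569343838664": "11569343838663"}

SAMPLE_BATCH = [
    {"device_id": 11569343838664, "lat": 53.55, "lon": 9.99},
    {"device_id": 11569343838670, "lat": 53.56, "lon": 9.98},
    {"device_id": 11569343838663, "lat": 53.57, "lon": 9.97},
    {"device_id": 99999999999999, "lat": 0.0, "lon": 0.0},
]


def inspect_batch(readings, registry=REGISTRY, replacements=REPLACEMENTS):
    """Split a gateway batch into accepted readings and (device_id, reason) rejects."""
    retired = set(replacements.values())
    accepted, rejected = [], []
    for reading in readings:
        device_id = str(reading.get("device_id", ""))
        record = registry.get(device_id)
        if device_id in retired:
            reason = "replaced device"  # assumption: a replaced id must stay silent
        elif record is None:
            reason = "not on allowlist"
        elif record["device_activated"] is not True:
            reason = "enrolled but not activated"
        else:
            accepted.append(reading)
            continue
        rejected.append((device_id, reason))
    return accepted, rejected


if __name__ == "__main__":
    ok, bad = inspect_batch(SAMPLE_BATCH)
    print("accepted:", [r["device_id"] for r in ok])
    for device_id, reason in bad:
        print("rejected:", device_id, reason)
```

Rejected readings are returned with a reason rather than dropped silently, so the gateway operator can tell a disabled tracker apart from an unknown one.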

Slide 14

Slide 14 text

Data Visualization
https://tracking-maps.svcs.dev/#/overview

Slide 15

Slide 15 text

(Network) Security is a Team Sport.

Slide 16

Slide 16 text

speakerdeck.com/ksatirli