Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Protecting Applications with L4 and L7 Network Encryption for TLS/mTLS

Solo.io
July 30, 2020
Programming
0
210

Protecting Applications with L4 and L7 Network Encryption for TLS/mTLS

API Gateways act as a control point for accessing backend application services by external clients and end users. Depending on the request path and the service the client is connecting to, organizations may want to secure it by encrypting the communications.

Gloo is a next generation API Gateway and Kubernetes Ingress controller that connects, manages and secures the request and response traffic from external users to a broad portfolio of backend applications including; monoliths, microservices and serverless. Built using Envoy as the edge proxy in the gateway, Gloo supports L4 and L7 layer traffic to enable TLS and mTLS encryption for your ingress traffic.

Watch the video https://youtu.be/9LlBvSwiFg8
Tutorials https://github.com/solo-io/gloo-ref-arch/tree/master/webinars/encryption
About Gloo https://solo.io/products/gloo
Questions? https://slack.solo.io

Solo.io

July 30, 2020
Tweet

More Decks by Solo.io

See All by Solo.io
Gloo Mesh Enterprise Webinar 12.10.2020
soloio
0
170
Workshop - Service Mesh Hub
soloio
0
89
Wasm-SF Meetup - Creating a "Docker-Like" Experience for Wasm in Envoy
soloio
0
65
What's New in Gloo API Gateway version 1.5
soloio
0
410
Workshop - Service Mesh Hub
soloio
1
91
Can You Replace API Management with Service Mesh?
soloio
0
480
Multi-Cluster Deployment Patterns for Ingress and API Gateways
soloio
0
440
Gloo API Gateway Federation Overview and Demo
soloio
0
380
Gloo 1.4 Release Overview
soloio
0
350

Other Decks in Programming

See All in Programming
Next.js × AWS App Runner × AWS AppSyncで進めるクライアントファーストのWEB開発
okaharuna
6
2.8k
Compose 첫 걸음 || Compose Migration
juhyung
2
100
WebViewと向き合う
mkeeda
1
150
スキル差があるペア_モブプロで効果的な_ドライバーナビゲータ以外のロールの分け方.pdf
yatasunshine
1
200
GDSC NYCU 2023 茶會
rabbitmagician1
1
280
Value and Record Types
hschwentner
0
730
まず Container より始めよ
honey32
9
3k
第2回 AWSとGitHub勉強会 - CodespacesとHelidonの利用 -
ogiwarat
0
140
Maintaining E2E Test Automation as We Transition from View to Compose
tkhs0604
0
620
リアーキテクチャによってどうなりたいか/re-architecture
suzukihoge
2
310
Compose Multiplatform 101
dalinaum
2
380
The PHP Revolution Is Underway: FrankenPHP 1.0 Beta
dunglas
1
8.8k

Featured

See All Featured
Navigating Team Friction
lara
177
12k
We Have a Design System, Now What?
morganepeng
40
6.3k
WebSockets: Embracing the real-time Web
robhawkes
58
6.5k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
6
7.1k
A Philosophy of Restraint
colly
195
15k
Pencils Down: Stop Designing & Start Developing
hursman
115
10k
XXLCSS - How to scale CSS and keep your sanity
sugarenia
239
1.2M
Scaling GitHub
holman
455
140k
How GitHub (no longer) Works
holman
299
140k
Understanding Cognitive Biases in Performance Measurement
bluesmoon
5
660
Dealing with People You Can't Stand - Big Design 2015
cassininazir
352
21k
Designing for Performance
lara
601
66k

Transcript

  1. L4/L7 Network Encryption with
    Gloo API Gateway
    July 30, 2020

    View Slide

  2. 2 | Copyright © 2020
    Secure Networks, Safer Applications
    Challenge
    Backend applications are often exposed as APIs accessible by external clients and end users. This
    creates a potential attack vendor reaching inside the firewall.
    Solution
    Encrypt incoming traffic from external clients over TLS/HTTPS and mTLS with specific clients
    through the API / edge gateway.

    View Slide

  3. 3 | Copyright © 2020
    Gloo API Gateway and Ingress Controller
    ENVOY CONFIG
    CONTROL
    PLANE
    DATA
    PLANE
    END USERS
    Service 1 Service 2
    Next Generation API Gateway
    • Built with Envoy Proxy
    • Kubernetes and Consul Native
    • Monolith, Microservices and
    Serverless Functions
    • Lightweight, performant, secure
    Service 3

    View Slide

  4. 4 | Copyright © 2020
    Companies Using Gloo
    Read their stories at www.solo.io/customers

    View Slide

  5. 5 | Copyright © 2020
    TLS and mTLS in Gloo API Gateway
    TLS Termination
    TLS Origination
    TLS Passthrough
    mTLS with Upstream Server
    Already Serving TLS
    mTLS with Service Mesh

    View Slide

  6. 6 | Copyright © 2020
    Scenario: L7 Encryption with TLS and mTLS

    View Slide

  7. 7 | Copyright © 2020
    Scenario: L4 TCP Encryption

    View Slide

  8. 8 | Copyright © 2020
    Gloo Open Source and Enterprise Features

    View Slide

  9. 9 | Copyright © 2020
    LEARN MORE
    solo.io/gloo
    OPEN SOURCE
    gloo.solo.io
    ENTERPRISE TRIAL
    lp.solo.io/lp-request-a-trial-general
    TRY THE DEMOS
    github.com/solo-io
    SOLO COMMUNITY
    slack.solo.io
    Thank You!

    View Slide