Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Protecting Applications with L4 and L7 Network Encryption for TLS/mTLS

Solo.io
July 30, 2020
Programming
0
160

Protecting Applications with L4 and L7 Network Encryption for TLS/mTLS

API Gateways act as a control point for accessing backend application services by external clients and end users. Depending on the request path and the service the client is connecting to, organizations may want to secure it by encrypting the communications.

Gloo is a next generation API Gateway and Kubernetes Ingress controller that connects, manages and secures the request and response traffic from external users to a broad portfolio of backend applications including; monoliths, microservices and serverless. Built using Envoy as the edge proxy in the gateway, Gloo supports L4 and L7 layer traffic to enable TLS and mTLS encryption for your ingress traffic.

Watch the video https://youtu.be/9LlBvSwiFg8
Tutorials https://github.com/solo-io/gloo-ref-arch/tree/master/webinars/encryption
About Gloo https://solo.io/products/gloo
Questions? https://slack.solo.io

Solo.io

July 30, 2020
Tweet

More Decks by Solo.io

See All by Solo.io
Gloo Mesh Enterprise Webinar 12.10.2020
soloio
0
140
Workshop - Service Mesh Hub
soloio
0
77
Wasm-SF Meetup - Creating a "Docker-Like" Experience for Wasm in Envoy
soloio
0
55
What's New in Gloo API Gateway version 1.5
soloio
0
350
Workshop - Service Mesh Hub
soloio
1
83
Can You Replace API Management with Service Mesh?
soloio
0
430
Multi-Cluster Deployment Patterns for Ingress and API Gateways
soloio
0
390
Gloo API Gateway Federation Overview and Demo
soloio
0
340
Gloo 1.4 Release Overview
soloio
0
290

Other Decks in Programming

See All in Programming
トランクベース開発の実現に向けた開発プロセスとCIパイプラインの継続的改善
aanrii
2
110
Rustの手続きマクロで黒魔術入門
lemolatoon
2
520
全ブラウザ対応したcontainer queryは何がスゴイのか?
tonkotsuboy_com
11
11k
テキストエディタのブラウザ実装 / tokyo_study
oliver_diary
0
150
コミット履歴キレイですか / clean up commit logs
tockey
0
2.7k
ココナラにおけるジョーシス / Netskope適用に向けたアプローチ実録
coconala_engineer
0
140
Употреба и скриптиране на Vim във ФМИ 2023
andrewradev
0
180
Recon Slides by Anon_Y0gi
y0gi
0
210
年間版1秒動画2023 大量配信の裏側 - MIXI TECH CONFERENCE 2023 DAY1
haman29
2
710
どこでも動くWebフレームワークをつくる
yusukebe
11
4k
LayerXにおける機械学習を活用した請求書OCR機能に関する取り組み / deim2023-layerx-ai-ocr
yuya4
7
1.2k
日常業務のカイゼンで図る開発チームへの貢献 - YAPC::Kyoto 2023
koluku
3
220

Featured

See All Featured
Building a Scalable Design System with Sketch
lauravandoore
451
31k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
217
21k
Reflections from 52 weeks, 52 projects
jeffersonlam
339
18k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
182
15k
Designing Experiences People Love
moore
130
22k
Why You Should Never Use an ORM
jnunemaker
PRO
49
8k
GitHub's CSS Performance
jonrohan
1021
430k
We Have a Design System, Now What?
morganepeng
37
6k
Building Better People: How to give real-time feedback that sticks.
wjessup
346
17k
Bash Introduction
62gerente
602
210k
Code Reviewing Like a Champion
maltzj
508
38k
BBQ
matthewcrist
75
8.2k

Transcript

  1. L4/L7 Network Encryption with
    Gloo API Gateway
    July 30, 2020

    View Slide

  2. 2 | Copyright © 2020
    Secure Networks, Safer Applications
    Challenge
    Backend applications are often exposed as APIs accessible by external clients and end users. This
    creates a potential attack vendor reaching inside the firewall.
    Solution
    Encrypt incoming traffic from external clients over TLS/HTTPS and mTLS with specific clients
    through the API / edge gateway.

    View Slide

  3. 3 | Copyright © 2020
    Gloo API Gateway and Ingress Controller
    ENVOY CONFIG
    CONTROL
    PLANE
    DATA
    PLANE
    END USERS
    Service 1 Service 2
    Next Generation API Gateway
    • Built with Envoy Proxy
    • Kubernetes and Consul Native
    • Monolith, Microservices and
    Serverless Functions
    • Lightweight, performant, secure
    Service 3

    View Slide

  4. 4 | Copyright © 2020
    Companies Using Gloo
    Read their stories at www.solo.io/customers

    View Slide

  5. 5 | Copyright © 2020
    TLS and mTLS in Gloo API Gateway
    TLS Termination
    TLS Origination
    TLS Passthrough
    mTLS with Upstream Server
    Already Serving TLS
    mTLS with Service Mesh

    View Slide

  6. 6 | Copyright © 2020
    Scenario: L7 Encryption with TLS and mTLS

    View Slide

  7. 7 | Copyright © 2020
    Scenario: L4 TCP Encryption

    View Slide

  8. 8 | Copyright © 2020
    Gloo Open Source and Enterprise Features

    View Slide

  9. 9 | Copyright © 2020
    LEARN MORE
    solo.io/gloo
    OPEN SOURCE
    gloo.solo.io
    ENTERPRISE TRIAL
    lp.solo.io/lp-request-a-trial-general
    TRY THE DEMOS
    github.com/solo-io
    SOLO COMMUNITY
    slack.solo.io
    Thank You!

    View Slide