Attending this event?
September 25-26, 2023
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for IstioCon Virtual 2023 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in EDT. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above “Filter by Date.”

Back To Schedule
Tuesday, September 26 • 12:50pm - 1:00pm
Best-Practices for Securing Egress Traffic with Istio - Niranjan Shankar, Microsoft

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Log in to leave feedback.

You’ve successfully installed Istio and secured intra-mesh traffic with mTLS. Great. A common next-step is controlling traffic to services outside of your cluster. Thankfully, Istio offers various custom resources and mesh-wide settings, as well as integration with an egress gateway, to manage outbound traffic. Nonetheless, operators need to take several additional steps and leverage mechanisms external to Istio to enforce a defense-in-depth framework for egress communication. For instance, organizations often require that all traffic that crosses network perimeters should flow through dedicated notes, be filtered by a firewall, and be logged and monitored. Additionally, other network security controls like Network Policies are needed in the event that sidecar proxy is bypassed. In this session, we’ll explore a brief, but comprehensive, end-to-end demo how Istio APIs and configurations can integrate with cloud security services, observability tools, and Kubernetes security resources to fully secure egress traffic from your cluster. Demo: https://github.com/nshankar13/tutorials/tree/main/istio-egress-demo.

avatar for Niranjan Shankar

Niranjan Shankar

Software Engineer, Microsoft
Niranjan Shankar is a software engineer on the Azure Kubernetes Service (AKS) Traffic Team, where he is driving feature development and integration for the Istio-based service mesh add-on for AKS, and also contributes to the Istio open-source project. He was formerly a member of the... Read More →

Tuesday September 26, 2023 12:50pm - 1:00pm EDT
  ⚡Lightning Talks