Zero Trust Networking with a Service Mesh

  • Published: Aug 3, 2024
  • Use a service mesh to enforce zero trust networking principles, including authentication, authorization and encryption. Further enhance security by integrating your service mesh with Vault’s secrets management and PKI engine. Learn more → hashi.co/consul
    Rather than use traditional manual methods to secure network services, organizations can offload many network security requirements onto service meshes. This video goes over the principles of zero trust networking, which include being identity driven, authentication, authorization, encryption, time-bound access, and audit logs. It also illustrates the use of proxies to enforce security rules and policies set forth by administrators. Lastly, it discusses some of the integrations between HashiCorp Consul and Vault that further enhance security. Integrations include using Vault’s PKI engine to generate, store and auto-rotate TLS certificates for Consul’s data plane and control plane. For Kubernetes environments, Consul also includes an integration to store and retrieve sensitive data from Vault rather than from Kubernetes secrets.
    0:00 - Intro
    0:25 - Service Identity
    1:20 - Service mesh proxies
    1:57 - Authorization
    3:50 - Authentication & encryption (mTLS)
    4:40 - Time-bound access
    5:50 - Consul service mesh integration with Vault
    6:30 - Vault PKI engine for dataplane
    8:32 - Kubernetes secrets challenges
    9:40 - Vault secrets management
    10:42 - Summary/Outro
    More of our whiteboard videos can be found here → • HashiCorp Explains
    Subscribe to our RUclips Channel → ruclips.net/user/HashiCorp?s...
    For hands-on interactive labs with Consul, visit HashiCorp Learn → learn.hashicorp.com/consul
    HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices.
    For more information → hashicorp.com
    Twitter → / hashicorp
    LinkedIn → / hashicorp
    Facebook → / hashicorp
    Product: HashiCorp Consul, Fullname: Van Phan
    #ZeroTrust #ServiceMesh #Consul #Kubernetes #Vault