Leveraging the Linux Kernel for Building a Zero-Trust Environment Without a Service Mesh – Marton Sereg & Zsolt Varga, Cisco
Faced with the need to establish a zero-trust network, our team sought an alternative to complex and resource-heavy service meshes. In this session, we share our journey toward a unique solution: a kernel module that enables mTLS and access control directly from the Linux Kernel by relying on proven technologies like WebAssembly, kTLS, or OPA. This approach allowed us to assign strong identities to workloads and encrypt traffic without modifying application code or interfering with the network layer, overcoming the typical complexities associated with traditional methods. We will discuss the challenges we faced, our thought process, and the practical steps taken in developing and deploying this solution. Importantly, we made our kernel module open-source, contributing a simpler, more efficient method for achieving zero-trust security to the wider community.
by CNCF [Cloud Native Computing Foundation]