Tigera: Implementing Seamless mTLS in Kubernetes: How to Encrypt Traffic Without Managing Proxies

Are you a DevOps or Platform engineer tasked with securing service-to-service communication? Implementing mTLS is critical for application security, but the complexity of traditional service meshes often slows down deployment and introduces latency.

In this hands-on demo, we will show you how to use Calico (powered by Istio Ambient Mode) to implement a “sidecarless” architecture. You will learn how to roll out robust mTLS encryption and identity awareness to your applications transparently, ensuring security without the performance penalty.

We will demonstrate how to:

• Deploy mTLS at Scale: How to transparently encrypt traffic between services to ensure your applications are secure and compliant by default.
• Simplify Onboarding: A walk-through of onboarding workloads to the mesh in seconds using Kubernetes tags—no restarts or complex config changes required.
• Boost Performance: How to utilize per-node proxies (ztunnels) to achieve Layer 4 security and encryption while reducing resource consumption compared to traditional sidecars.