Tigera: Microsegmentation: How to Implement Default Deny in Kubernetes

Are you a Platform or DevOps engineer tasked with securing a flat network? Implementing a robust network security posture is essential for preventing breaches and meeting compliance standards, but the fear of disrupting service communication often stalls progress.

In this hands-on demo, we will demonstrate how Calico solves this challenge by enabling you to implement microsegmentation with confidence.

We will demonstrate how to:

• Isolate Security Domains: detailed steps to implement granular microsegmentation at a pod or namespace level that satisfies compliance requirements and prevents lateral movement.
• Preview Before You Enforce: How to use Staged Network Policies to preview traffic impacts and “dry run” your security rules, ensuring application uptime while locking down the cluster.
• Accelerate Troubleshooting: Utilize dynamic service graphs to visualize flow logs and instantly identify blocked traffic or policy misconfigurations.