Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Tigera

How to Implement Network Policy in Amazon EKS to Secure Your Cluster

By default, pods are non-isolated; they accept traffic from any source. The Amazon EKS solution to this security concern is Network Policy that lets developers control network access to their services. Amazon EKS comes configured with Network Policy using Project Calico which can be used to secure your clusters. This class will describe a few use cases for network policy and a live demo implementing each use case.

Enforcing Enterprise Security Controls in Kubernetes using Calico Enterprise

Hybrid cloud infrastructures run critical business resources and are subject to some of the strictest network security controls. Irrespective of the industry and resource types, these controls broadly fall into three categories. Workloads (pods) running on Kubernetes are ephemeral in nature, and IP-based controls are no longer effective. The challenge is to enforce the organizational security controls on the workloads and Kubernetes nodes themselves.

Calico Enterprise Multi Cluster Management - Federated Identity and Services

Learn how to simplify deployment and ongoing operations for more than one cluster running Calico Enterprise. What is Calico Enterprise Multi-Cluster Management How is Calico Enterprise Multi-Cluster architected How to set up Calico Enterprise Multi-Cluster Management How to enable Federated Endpoint Identity and Services for Multi-Cluster use cases A Calico Enterprise trial is available after this session and you will be able to practice these use cases on your own within a hosted lab.

Enterprise Security Controls for Kubernetes

In this talk, we will explore how to meet common enterprise security control needs when running Kubernetes. Specifically, we will look at a range of common enterprise security needs and how you can meet these with standard Kubernetes primitives and open source projects such as Calico, or take it a step further with the additional features of Calico Enterprise.

Now GA: Data-in-Transit Encryption in Calico v3.15

We’re excited to announce that the latest release of Calico includes encryption for data-in-transit. Calico is the open source networking and network security solution for containers, virtual machines, and host-based workloads, offering connectivity and security for container workloads. One of Calico’s best-known security features is its implementation of Kubernetes Network Policy, providing a way to secure container workloads by restricting traffic to and from trusted sources.

Introduction to multi cluster security using Calico Enterprise

Now that you’ve deployed your network policies to secure your Kubernetes cluster, how do you deploy your policies to other clusters? What do you do each time a new cluster is provisioned? And how do you deploy changes to your policies? Most organizations have a set of central security policies, and many are deploying Kubernetes across multiple clouds and on-prem. Scaling security becomes a formidable challenge. Calico Multi-Cluster Management is a feature in Calico Enterprise that Federates network security policies across multiple clusters – whether on-prem, hybrid, or multi-cloud.

On-Demand Webinar: Extending Your Fortigate Next-Gen Firewall to Kubernetes

Companies are leveraging the power of Kubernetes to accelerate the delivery of resilient and scalable applications to meet the pace of business. These applications are highly dynamic, making it operationally challenging to securely connect to databases or other resources protected behind firewalls. Tigera and Fortinet have joined forces to solve this operational challenge. With the combination of FortiGate Next-Gen firewalls and Calico Enterprise, you gain full visibility into the container environment and can define fine-grained policies to determine which Kubernetes workloads are allowed to talk to the enterprise’s crown jewels running outside the Kubernetes cluster.

Kubernetes Security: Lateral Movement Detection and Defense

What is Lateral Movement? Lateral movement refers to the techniques that a cyber-attacker uses, after gaining initial access, to move deeper into a network in search of sensitive data and other high-value assets. Lateral movement techniques are widely used in sophisticated cyber-attacks such as advanced persistent threats (APTs).

Calico Egress Gateway: Universal Firewall Integration for Kubernetes

New applications and workloads are constantly being added to Kubernetes clusters. Those same apps need to securely communicate with resources outside the cluster behind a firewall or other control point. Firewalls require a consistent IP, but routable IPs are a limited resource that can be quickly depleted if applied to every service.