Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Using Envoy as an Egress Proxy for TLS Enabled Traffic

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore a solution for using Envoy as an egress proxy for TLS-enabled traffic in this conference talk by Amit Jain and Kiran Kumar from VMware. Learn about the challenges faced by modern cloud-native applications in securing external interactions and how to overcome Envoy's limitations for egress security. Discover the combined approach of deploying Envoy as a transparent egress sidecar proxy along with SSLproxy for TLS interception. Dive into the traffic stitching mechanism and a new Envoy listener filter that acts as the glue between Envoy and SSLproxy, extending Envoy's capabilities for integrated egress security. Gain insights into the implementation details, including SSL Proxy for deep SSL inspection, Envoy extension with SSL Proxy Listener Filter, and ISTIO Control Plane integration using EnvoyFilter CRD.

Syllabus

Intro
Cloud-Native Applications Bring New Security Challenges
Egress Connectivity is Must to Have for Modern Microservice Applications rely on external services for critical part of their functionality
Envoy's Limitations For Egress Security and Proposed Solut
SSL Proxy for Deep SSL Inspection
Using SSL Proxy for Egress TLS Interception
Enabling Envoy to Intercept Egress TLS with SSL Proxy SSL Proxy provides MITM and Enables Envoy Traffic Management & Security for TLS
Envoy Extension - SSL Proxy Listener Filter SSL Proxy Listener Fiter Provides Interface to SSL Prowy
ISTIO Control Plane Integration Using EnvoyFilter CRD Configures Envoy as transparent proxy for Observability Mode Only
Open Items & Next Steps

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Using Envoy as an Egress Proxy for TLS Enabled Traffic

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.