Easily Achieve Distributed Policy Deployment Across Your Kubernetes Multicluster

Because Kubernetes network security policies operate only within the context of a single cluster, multi-cluster and multi-cloud deployments become challenging to manage. Cloud-native applications are often deployed across multiple regions, and sometimes across multiple clouds, for high availability and resiliency, which inevitably translates to a deployment across multiple clusters. For access control outside the cluster, Kubernetes network policies boil down to IP-based ingress and egress rules, and IP-based rules do not work well with dynamic microservices. What is needed is a new approach that eliminates the need for IP-based Kubernetes network security policies.

Aporeto uses a workload-identity-based approach to cloud security, rather than IP addresses, to authenticate and authorize policies distributed across a Kubernetes cluster. Aporeto automates the most complex security requirements for operating workloads in Kubernetes, including network access control, API security, security configuration automation, and policy distribution and enforcement across hybrid and multi-cluster environments, all from a single platform.

In this webinar we will demonstrate how:
* Aporeto assigns a cryptographically signed and attested service identity to every Kubernetes pod
* The use of a service identity tied to a Kubernetes pod allows all policies to be enforced independent of infrastructure: across regions, clouds and data centers
* You can route your traffic as needed by your network team, north/south or east/west, independent of security concerns, because Aporeto uses service identity to protect your workloads
* Aporeto strengthens security against bad actors and malicious threats to prevent a security breach
Recorded Sep 17 2019 49 mins
Presented by
Marcus Heese, Principal Engineer, Aporeto
  • Key Considerations for a Successful Zero Trust Security Strategy Recorded: Aug 22 2019 58 mins
    Jimmy Xu, Director, DevSecOps and Cloud Security, Trace3 and Mark Jimenez, Technical Director, Aporeto
    Enabling an effective cloud migration strategy requires rethinking static, perimeter-centric data center security for a dynamic and scalable solution that includes protection for every end point in the cloud. A Zero Trust security model is particularly effective for cloud-based applications because it calls for enterprises to leverage microsegmentation and granular perimeter enforcement based on users, their locations and other data to determine whether to trust a user, machine or application seeking access to a particular part of the enterprise. However, most organizations typically have a hybrid environment with applications on-prem as well as in the cloud making a Zero Trust implementation challenging. What is needed is a new identity-based approach to cloud security that enables a Zero Trust posture for any infrastructure, and any workload at scale.

    Aporeto provides comprehensive cloud network security through microsegmentation and secure access to applications and infrastructure using identity rather than IP addresses for a Zero Trust security solution. In this 60-minute webinar Trace3 and Aporeto will discuss the Zero Trust security framework components and what to consider to enable a successful cloud security strategy.

    In this webinar you will learn how:
    * Aporeto’s SaaS-based platform allows you to build and enforce distributed policies enabling authentication, authorization and encryption regardless of infrastructure
    * Policies remain portable and persistent across workloads including containers, Kubernetes, serverless, service mesh and VMs
    * Aporeto provides complete visualization and centralized management of application security across hybrid environments from a single tool
  • Informatica Accelerates a CloudTrust Security Model with Aporeto Cloud PAM Recorded: Jul 30 2019 54 mins
    Alec Chattaway, Director Cloud Infrastructure Operations at Informatica and Anand Ghody, Sr. Marketing Technical Engineer
    Alec Chattaway, Director Cloud Infrastructure Operations at Informatica, will share how he and his team leverage Aporeto’s Cloud Privileged Access Management (PAM) solution to eliminate the need for SSH keys. With Aporeto, every user gets a unique, ephemeral, time-bound SSH certificate based on his/her identity. This approach enables Informatica to enforce just-in-time administrative access to cloud infrastructure, with dramatically simplified operations.

    In this webinar you will learn about:
    * Informatica's journey to building a robust cloud security posture to meet stringent compliance requirements all while accelerating consumption of cloud infrastructure to meet their business needs
    * The security challenges that Alec and his team faced in managing administrative access to their cloud infrastructure and the approach his team embarked on to remediate these challenges
    * How Aporeto's turn-key Cloud PAM solution enabled Informatica to enforce just-in-time administrative access to cloud infrastructure so they could focus on more impactful business activities
  • Identity is a Game Changing Model for Cloud Security - So What is it? Recorded: Jul 18 2019 63 mins
    Mark Jimenez, Technical Marketing Engineer, Aporeto
    Migrating workloads to the cloud can be a daunting task for many enterprise organizations. This is especially challenging when trying to combine an on-prem static environment that relies on IP addresses for security with the dynamic nature of the cloud, where IP addresses are ephemeral by design and any unsecured endpoint can leave your business exposed. Have you been thinking, if only there was an easier way to make security uniform across my entire cloud/hybrid environment, one that is backward compatible, future built, easily scalable, infrastructure agnostic and provides end-to-end visibility, all within a single tool? The answer is YES! The solution is Identity!


    Aporeto uses rich identity (not IP addresses) to eliminate the constraints from traditional Firewalls, VPNs, Cloud Security Groups, SDNs, and virtual appliances. Aporeto fingerprints servers, services, and workloads to generate actual application identity. Application identity enables stronger security because it only allows sanctioned whitelist communications. Security policies remain portable and persistent. Aporeto enables distributed workload protection with centralized visibility and control.

    In this webinar you will learn:
    • How Aporeto uses identity context, vulnerability data, threat monitoring and behavior analysis to build and enforce authentication, authorization and encryption policies for applications.

    • How Aporeto auto-generates a unique workload “fingerprint” by combining workload metadata from any available system and user identity data from OIDC-compliant providers.

    • How Aporeto allows you to microsegment and secure your network across heterogeneous infrastructures that include containers, Kubernetes, serverless, service mesh, and VM architectures for a Zero Trust security posture.

    Presenter:
    Mark Jimenez, Technical Marketing Engineer, Aporeto
  • Unleash the Power of Identity-based Cloud Security with Aporeto Recorded: Jun 18 2019 56 mins
    Anand Ghody, Sr. Marketing Technical Engineer
    As more organizations migrate to the cloud, many are confronted with the challenge of securing workload environments both on-prem and in the cloud. The increasing use of cloud-native technologies like containers, Kubernetes, service mesh and serverless adds more complexity to effectively providing security for these very different environments. These shortcomings are emphasized with a traditional network security model that relies on IP addresses and lacks scalability and protection against advanced threats. What is needed is a new, identity-based approach to cloud security.

    The Aporeto platform abstracts security away from the IP infrastructure to address application segmentation requirements and improves application risk posture. Aporeto’s identity-based segmentation approach transcends the security constraints of on-prem infrastructure while securing all cloud services, by effectively implementing a Zero Trust security posture across any infrastructure at any scale. Aporeto provides the ultimate segmentation for modern applications based on cryptographic workload identity rather than IP addresses. Security policies remain persistent no matter where the application resides in your cloud or hybrid environment.

    In this webinar we will demo Aporeto’s cloud security services:
    * Distributed Firewall: Protect any application across all hybrid and cloud environments
    * Cloud PAM: Turn-key privileged access management to your cloud infrastructure
    * Identity-Aware Proxy: Enable secure, VPN-less access to any web application
  • Enterprise-Grade Security for Containerized Applications with Red Hat & Aporeto Recorded: May 28 2019 57 mins
    Jason Dobies & Marcus Heese
    How to Accelerate Business Agility with Zero Trust Security Posture

    Kubernetes-orchestrated microservices and containers are a boon for business agility. By enabling a more agile and distributed software architecture, Kubernetes allows businesses to release new features and capabilities faster than ever before. Red Hat OpenShift is the enterprise choice for a supported Kubernetes release.

    Distributed software architectures require a new approach to security. Aporeto secures all workloads on any infrastructure with identity-based access control, making it the enterprise choice for visualizing and protecting Kubernetes-orchestrated applications on hybrid infrastructures.

    Together, Red Hat OpenShift and Aporeto Identity-Powered Cloud Security enable organizations to achieve greater agility while implementing a Zero Trust security posture.

    Join this webinar to learn:
    - Security benefits of using Aporeto in Red Hat OpenShift
    - Benefits of adding OpenID Connect (OIDC) to any web service with Aporeto
    - Understanding the future of Red Hat OpenShift 4

    Speakers:
    Jason Dobies, Red Hat
    Jason has 18+ years of experience as a software engineer, 12 of those being his time at Red Hat. He is currently working as a Principal Technical Marketing Manager on the Cloud Platforms team where he provides direction and technical advice for applications integrating with OpenShift. Prior to that, Jason's experience includes being a core contributor on multiple OpenStack projects and leading the Red Hat Satellite content management project.

    Marcus Heese, Aporeto
    Marcus is an Open Source and Security Enthusiast, and a DevOps Engineer with 15 years of experience. Before joining Aporeto as a Principal Engineer, and driving forward the Kubernetes and Layer 7 development and integration efforts, he worked in FinTech, helping to modernize application deployments. As a previous Aporeto customer, he knows Aporeto can be paramount to achieve security and compliance in Kubernetes environments.
  • Aporeto Unplugged: Sales Workshop Recorded: Apr 11 2019 25 mins
    Amir Sharif
    The objective is to accelerate customers' migration to AWS. If we simplify and strengthen application security, we are half-way there.

    Aporeto's identity-powered cloud security protects workloads based on their identity independent of the underlying infrastructure. This makes Aporeto's security portable: Once customers secure their workloads on-premise, they may migrate all or part of their workloads to AWS and still preserve the same zero trust posture.

    Goodbye complex security setups. Hello easier migration to AWS. Join us on this webinar to learn more.
  • For Cloud Apps, Network Security Isn’t Enough Recorded: Mar 19 2019 9 mins
    Jason Schmitt
    Jason Schmitt is CEO at Aporeto, a firm focused on new approaches to securing applications in the cloud. In this video from RSA 2019, Jason speaks with Charlene O’Hanlon about the security pitfalls around moving applications to the cloud, and why network infrastructure’s own baked-in security isn’t enough.
  • Live Webcam Panel: Operationalizing Cybersecurity Recorded: Mar 19 2019 56 mins
    Michelle Drolet, Towerwall, Amy McLaughlin, Oregon State University and Ariful Huq, Aporeto
    Cybersecurity, much like safety, cannot be achieved - it is an ongoing process that changes and adjusts to respond to the threat landscape, business needs and resources. As essential as a cybersecurity strategy is to the enterprise, so is its implementation.

    Join us for an interactive Q&A panel with security leaders to learn more about how to operationalize cybersecurity.

    Topics up for discussion:
    - Making information security relatable
    - Building security programs
    - Defining your cybersecurity strategy
    - Translating your cybersecurity strategy into a risk management plan
    - Operationalizing your cybersecurity strategy
    - Using the maturity capability model for measuring success

    Moderator:
    Michelle Drolet, CEO, Towerwall
    Panelists:
    Amy McLaughlin, Director of Information Services, Oregon State University
    Ariful Huq, Director of Product Management, Aporeto
  • Identity-Powered Cloud Security Recorded: Mar 4 2019 14 mins
    Amir Sharif
    Today’s IT infrastructures are vast, complex, and consequently fragile. The problem is that while developers need the sophisticated functionality modern IT provides, the fragility poses a significant roadblock—particularly when security and infra requirements enter the picture. In this video, Amir Sharif discusses how Aporeto addresses the security aspects of this problem by bringing unified identity-powered security to complex hybrid infrastructures.
  • Aporeto: How We Prevented the Kubernetes API-Server Vulnerability Recorded: Dec 10 2018 2 mins
    Aporeto
    The security architecture we have adopted in Aporeto worked. The Aporeto enforcers were preventing any attack against CVE-2018-1002105 before it was even announced. In this video we will illustrate how a separation of concerns architecture that isolates security functions while placing them close to applications can maximize security defenses, even when the protected application follows the strictest security guidelines.
  • Aporeto - VMware Cloud PKS Demo Recorded: Dec 5 2018 4 mins
    Aporeto
    Watch how Aporeto visualizes and protects VMware Cloud PKS environments.
  • Cloud Security Gaps Recorded: Oct 9 2018 30 mins
    Ariful Huq – Director of Product Management, Aporeto
    Most organizations are moving existing applications to public cloud environments or building new applications that are designed for the cloud from the beginning. When this shift to the cloud occurs there are a number of security assumptions in the legacy, datacenter-centric security approach that tend to fail. In this webinar learn more about:

    - Why the concept of network segmentation as a security countermeasure is not translating successfully to cloud environments.
    - The pitfalls of relying on security groups and 3rd party firewall appliances for segmentation in public clouds
    - Introduction of zero trust security model coupled with workload identity as a new control point for security applications in the cloud
  • Red Hat OpenShift Multicloud Application Security with Aporeto Recorded: Sep 22 2018 5 mins
    Aporeto
    Secure applications on Red Hat OpenShift Container Platform in the multi-cloud with Aporeto. Workload isolation, API access control, host threat detection, container image vulnerability management, secrets & certificates management, and visualization, all based on your application identity.
  • Best Practices for Securing Microservices Recorded: Jun 27 2018 34 mins
    Ariful Huq, Director of Product Management, Aporeto
    The adoption of cloud-managed services such as managed databases and machine learning gives developers the freedom to innovate in the application business logic. Coupling microservices with adoption of cloud infrastructure and cloud managed offerings is a recipe for high-velocity application development. But what does this transformation mean for security teams?

    Watch this webinar to learn:

    - How to secure heterogeneous cloud environments.
    - How to follow Zero Trust principles of authentication and authorization for all transactions.
    - What are the main components of security in the microservices stack?
  • Cloud Security for Financial Institutions Recorded: Jun 15 2018 40 mins
    Aporeto
    The adoption of cloud and containers requires new and more dynamic methods of securing applications. These methods need to address the complexity associated with applications that can span multiple clouds, hybrid infrastructure and private deployments. Instead of relying on traditional networking constructs, cloud-native security needs to enable security teams to centrally manage security policies and enforce them in a distributed fashion.

    In this webinar, we will discuss how to enable faster cloud adoption with less security friction. We will also address the following topics:

    – Customer case studies for addressing PCI & SWIFT requirements in the cloud

    – Gaining visibility into applications data flow before moving to, and after deploying in, the cloud

    – Adopting the Zero Trust security model that requires authentication and authorization for all communication
  • Why Cloud Security Requires a Strong Application Identity Recorded: May 24 2018 31 mins
    Amir Sharif
    Zero Trust security for microservices, containers and cloud works through the transparent generation of strong application identity. This identity is used for authenticating and authorizing the interaction of application components with one another, user interfaces, and external services. In this webinar we will discuss how enterprises can adopt microservices and the cloud while leveraging their existing, brownfield infrastructure without compromising security.
  • Aporeto Overview: Zero Trust Security for Microservices, Containers and Cloud Recorded: Mar 27 2018 12 mins
    Jason Schmitt
    Hear from Aporeto’s CEO, Jason Schmitt, on our products, solutions and key use cases.
  • Aporeto in Action Recorded: Mar 1 2018 7 mins
    Aporeto
    Aporeto is a Zero Trust security solution for containers, microservices, cloud and legacy applications. In this On-Demand demonstration learn about key features and use cases of the Aporeto solution, including:

    – Policy in Action across Multi-Cluster and Multi-Cloud

    – Visibility Across Multi-Cluster Environments

    – Automated container runtime protection
  • Google Application Layer Transport Security Recorded: Feb 2 2018 32 mins
    Ariful Huq
    Google is known for its brilliant engineering, its infrastructure efficiency, and its approach to robust security.

    In this webinar, learn about how to implement ALTS in your enterprise environment.
The latest in Webcasts and Videos from Aporeto
Listen to industry experts discuss the latest trends and disruptions in microservices, container and cloud security and how to deploy Zero Trust in the cloud.

  • Title: Easily Achieve Distributed Policy Deployment Across Your Kubernetes Multicluster
  • Live at: Sep 17 2019 5:00 pm
  • Presented by: Marcus Heese, Principal Engineer, Aporeto