Hi [[ session.user.profile.firstName ]]

Kubernetes & Tigera: Network Policies, Security, and Auditing

Of course, Tigera's ability to provide Kubernetes pod networking and facilitate service discovery is extremely valuable, but its real superpower is that both Tigera's commercial offerings and open-source Tigera Calico can implement network security policies inside a Kubernetes cluster.

Most external network security operates at the perimeter or at the physical network layer of Kubernetes. Because Tigera runs inside Kubernetes, it can provide policy and security based on Kubernetes structures like namespaces and deployments.

In this webinar, Senior Technical Solutions Engineer with Tigera, Drew Oetzel, will show you examples of implementing these types of policies for several common security and compliance use cases.

He'll also show you why implementing these types of security policies is so important to keeping your ever-expanding Kubernetes workloads secure.
Recorded Jun 19 2019 50 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Drew Oetzel, Senior Technical Solutions Engineer with Tigera
Presentation preview: Kubernetes & Tigera: Network Policies, Security, and Auditing

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Kubernetes, Helm, And Network Secruity: Best Practices at Scale Jul 10 2019 5:00 pm UTC 75 mins
    Brandon Jozsa, Sr. Solutions Architect with Tigera
    Learn how to operate Kubernetes and Helm at scale and maintain network security and compliance.
  • Kubernetes & Tigera: Network Policies, Security, and Auditing Recorded: Jun 19 2019 50 mins
    Drew Oetzel, Senior Technical Solutions Engineer with Tigera
    Of course, Tigera's ability to provide Kubernetes pod networking and facilitate service discovery is extremely valuable, but its real superpower is that both Tigera's commercial offerings and open-source Tigera Calico can implement network security policies inside a Kubernetes cluster.

    Most external network security operates at the perimeter or at the physical network layer of Kubernetes. Because Tigera runs inside Kubernetes, it can provide policy and security based on Kubernetes structures like namespaces and deployments.

    In this webinar, Senior Technical Solutions Engineer with Tigera, Drew Oetzel, will show you examples of implementing these types of policies for several common security and compliance use cases.

    He'll also show you why implementing these types of security policies is so important to keeping your ever-expanding Kubernetes workloads secure.
  • Meeting PCI DSS Network Security Requirements in Kubernetes Environments Recorded: Jun 5 2019 50 mins
    Vince Lau, CISSP, Director of Product Marketing at Tigera
    Compliance standards such as PCI DSS have assumed that traditional characteristics and behaviors of the development and delivery model would continue to be constant going forward. With the Container/Kubernetes revolution, that set of assumptions is no longer entirely correct. Attend this webinar and learn about what's changed, how those changes weaken your compliance and control environment, and what you can do to adjust to the new reality.
  • Extending Firewalls to Kubernetes to Not Break Existing Security Architectures Recorded: May 21 2019 42 mins
    Amit Gupta, VP of Product Management, Tigera
    Security teams use firewalls to secure their production environments, often using a zone-based architecture, and Kubernetes does not deploy well to that architecture. Application teams are launching new business-critical applications on Kubernetes and are aggressively moving to production. A clash is bound to happen.

    In this webinar, we will describe an approach to extend firewalls to Kubernetes that will accelerate deployment to production, save time & money, and preserve existing security processes and investments.
  • Securing Kubernetes Applications in Google Cloud with Tigera Recorded: Apr 17 2019 49 mins
    Amit Gupta, VP of Product Management, Tigera
    Calico was just recently embedded into Google GKE-On prem and we will demonstrate how to implement security controls on GKE. Don’t miss this webinar as we will be sharing some common network security challenges in the Kubrnetes environment. In addition, we will explore enterprise-grade Calico features provided in Tigera Secure which enables enterprises to add network security support in hybrid cloud environments with:

    + Network Flow Logs that record accepted and denied traffic, which policies denied the traffic, and workload context such as Kubernetes namespaces, labels, and metadata. Tigera Secure also provides dynamic graphical visualization of network flows.

    + Tiered policy controls with role-based access controls, to enable multiple teams to independently manage their respective security policies within the governance of the security team.

    + Anomaly Detection capabilities that provide insight into unusual behaviors and sophisticated attacks that compromise the security and performance of Kubernetes environments.
  • Istio Traffic Management - Best Practices in Secure Kubernetes Environments Recorded: Apr 3 2019 49 mins
    Christopher Liljenstolpe, CTO, Solutions, Tigera
    Istio’s traffic management decouples traffic flow and infrastructure scaling allowing you to specify what rules to govern traffic rather than which specific pods should receive traffic.

    In this webinar we'll discuss the following traffic management topics:
    · Discovery Load Balancing
    · Failure Handling
    · Fault Injection
  • Kubernetes & Zero Trust Security: Supporting a CARTA with Anomaly Detection Recorded: Mar 20 2019 35 mins
    Christopher Liljenstolpe, CTO, Solutions, Tigera
    Learn how Anomaly Detection supports, what Gartner has termed, a continuous adaptive risk and trust assessment (CARTA) when building a CaaS platform using Kubernetes. Anomaly Detection expands the zero trust network security model and continuously assess the application and network risk that enables adaptive policy adjustments. Anomaly Detection identifies outliers in Kubernetes clusters by building profiles of typical workloads and components to know when they start to deviate from the norm. It also manages network risk by continuously monitoring for activities such as reconnaissance scan, service connections anomaly, service bytes anomaly, and pod outlier activity detection.
  • Kubernetes & Zero Trust Security: Supporting a CARTA Approach Recorded: Mar 6 2019 31 mins
    Christopher Liljenstolpe, CTO, Solutions, Tigera
    Learn how to support a continuous adaptive risk and trust assessment (CARTA) approach leveraging accurate Kubernetes flow logs. 5-tuple logging is commonly used to monitor and detect anomalies and produces unreliable data that cannot accurately identify anomalies nor prove enforcement of security policies. Network flow logs include workload identity and other metadata that help continuously monitor activities within Kubernetes clusters.
  • Top Container Security Lessons from Deploying Kubernetes and Red Hat OpenShift Recorded: Feb 21 2019 63 mins
    Matt Smith, Chief Architect, Red Hat & Christopher Liljenstolpe, CTO, Solutions, Tigera
    Join Red Hat Chief Architect, Matt Smith, along with Tigera CTO, Solutions, Christopher Liljenstolpe, as they share their experience and knowledge helping leading enterprises achieve their key business transformation initiatives around moving to secure cloud-based, containerized microservice applications. In this 60 minute webinar, they will cover their top lessons learned on network security and Red Hat OpenShift.
  • Zero Trust Security: Supporting a CARTA approach with Network Security Recorded: Jan 24 2019 33 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    Learn how to support, what Gartner has termed, a continuous adaptive risk and trust assessment (CARTA) when building a CaaS platform using Kubernetes. Network security enables microsegmentation and is a core component of a zero trust security model. It allows you to protect your workloads against threats without relying on assumptions about the network, infrastructure, and workloads.
  • Kubernetes Ingress & Egress Traffic Management Recorded: Jan 11 2019 38 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    The networking infrastructure within a Kubernetes cluster is usually
    private, or at least internally oriented. So what do you want to do
    when you need to expose your application or services to the public?
    What are your options for connecting to resources outside of your
    cluster? In this webinar we'll discuss:

    * Address cluster endpoints from the outside world
    * Communicate from within the cluster to external resources
    * Load balance services
  • Leveraging Kubernetes Services & DNS Recorded: Dec 19 2018 32 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    The Domain Name System (DNS) is used to associate IP addresses with meaningful names. By default, Kubernetes clusters configure internal DNS to provide for service discovery automatically. This makes it easy for workloads to locate and work with each other on Kubernetes clusters.
    In this webinar, learn:

    * How DNS resolution works in Kubernetes with a network security solution like Tigera

    * How services and pods get assigned fully qualified domain names (FQDN)

    * The relationship between services and pods
  • Istio - Enabling a Defense in Depth Network Security Posture Recorded: Dec 4 2018 61 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    Are you looking into Istio? Many companies are investigating Istio to reduce the challenges of managing microservices as it delivers a uniform way to connect, monitor, and secure environments - especially used in concert with Kubernetes.

    Did you know that Istio is a part of the Tigera Secure solutions, that we play an active role in developing Istio, and we co-chair the Istio security special interest group? We'd like to share our expertise to help you understand how Istio fits into a comprehensive network security model.

    Attend our webinar on Tuesday, December 4 to learn about implementing a defense in depth posture that enables zero-trust network security across L3-L7 and allows Application, DevOps, Platform Engineering, Network, and Security and Compliance teams to seamlessly work together.

    Join Christopher Liljenstolpe, CTO, solutions at Tigera as he discusses strategies and technical details on:

    + Integrating Istio Policy into Kubernetes NetworkPolicy resulting in a single unified policy called application layer policy (ALP)
    + Implementing defense in depth by enforcing policies at multiple points within the infrastructure
    + Authenticating the identity of each request based on multiple criteria
    + Operationalizing ALP across heterogeneous environments
  • Kubernetes: Securing Hybrid and Multi-Cloud Environments Recorded: Nov 15 2018 45 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    Kubernetes is widely used to re-architect traditional applications. Many organizations first set up Kubernetes within their on-prem environment and then later expand to the public cloud. This hybrid environment often creates security and compliance challenges with workloads. Join this webinar to learn how to leverage universal security policy definition that works across a hybrid environment.
  • Enforcing Compliance in Dynamic Kubernetes Environments Recorded: Oct 30 2018 35 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    While the Container/Kubernetes revolution is starting to deliver on its promise of making application development and delivery more agile and responsive, it does so by changing some of the traditional characteristics and behaviors of the development and delivery model. Control and compliance regimes have assumed that these would continue to be constant going forward. That set of assumptions is no longer entirely correct. Attend this webinar and learn about what's changed, how those changes weaken your compliance and control environment, and what you can do to not only adjust to the new reality but actually have your security team being a key enabler of the new agile model.
  • Introduction to Kubernetes Network Policy with Use Cases Recorded: Oct 10 2018 32 mins
    Cody McCain, Senior Solution Architect, at Tigera
    In Kubernetes, Network Policy allows you to define a policy determining what traffic is allowed to flow to and from specific workloads. By default, Kubernetes permits ingress and egress traffic to and from all pods in a namespace. Without correct configuration your risk of a significant security breach is high. Attend this webinar and learn best practices in configuring Kubernetes network security.
  • Improving Security Forensics in Kubernetes Environments Recorded: Sep 27 2018 42 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    The success of Kubernetes has made monitoring and alerting more difficult for traditional Security Information and Event Management (SIEM) tools. Attend this live webinar to learn how implementing the right network security and compliance solution will improve the accuracy and completeness of security forensic monitoring and alerting when using Kubernetes.
  • Kubernetes Security Considerations for IDS/IPS in the age of TLS v1.3 Recorded: Sep 18 2018 48 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    TLS v1.3 introduces several new security improvements over TLS 1.2 but some of these enhancements have an impact on network-based security solutions such as IDS/IPS. While the goal is to enhance the overall security at the application level, there are a few scenarios that are not easily solved when introducing the new technology, especially in Kubernetes environments. Watch this webinar to learn about security and compliance considerations for Kubernetes when implementing TLS v1.3.
  • Top 5 Best Practices for Kubernetes Network Security and Compliance Recorded: Aug 30 2018 47 mins
    Christopher Liljenstolpe, Chief Technical Officer, Solutions at Tigera
    While a microservice architecture, orchestrated by applications like Kubernetes, offers a tremendous business advantage for time to market, proper security and compliance controls must be put in place.

    This is a crucial step when deploying microservices and teams must work together by using the proper tools during implementation. We will explore 5 things you can do to meet security and compliance requirements for your microservices stack.

    Watch this webinar to learn about considerations for security and compliance with microservices, understanding key principles for compliance, and leveraging the proper security tools and methods for compliance.
  • Network Security & Compliance for Kubernetes on AWS and EKS Recorded: Aug 14 2018 60 mins
    Amit Gupta, VP Product Management at Tigera, and Carmen Puccio, Principal System Architect at AWS
    Join this exclusive AWS webinar co-hosted with Tigera. We will demo how to implement turnkey compliance and security controls for Kubernetes in AWS and Amazon EKS environments.

    This webinar will explore how to extract data required for IT audits and implement network segmentation and encryption to meet your security and compliance requirements. We'll cover the security and compliance challenges that users face when deploying Kubernetes in AWS and Amazon EKS environments

    We'll also present a live demonstration of key capabilities within Tigera Secure Cloud Edition
Zero Trust Network Security & Compliance for Kubernetes Platforms
Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to secure containers and applications with a least privileges model and defense in depth. Tigera’s technology is recognized and trusted as the de facto standard for Kubernetes network security.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Kubernetes & Tigera: Network Policies, Security, and Auditing
  • Live at: Jun 19 2019 5:00 pm
  • Presented by: Drew Oetzel, Senior Technical Solutions Engineer with Tigera
  • From:
Your email has been sent.
or close