Zero Trust Networking with a Service Mesh

Video description: Zero Trust Networking with a Service Mesh

Use a service mesh to enforce zero trust networking principles, including authentication, authorization and encryption. Further enhance security by integrating your service mesh with Vault’s secrets management and PKI engine. Learn more → https://hashi.co/consul

Rather than using traditional manual methods to secure network services, organizations can offload many network security requirements onto a service mesh. This video goes over the principles of zero trust networking: being identity-driven, authentication, authorization, encryption, time-bound access, and audit logs. It also illustrates the use of proxies to enforce the security rules and policies set by administrators. Lastly, it discusses some of the integrations between HashiCorp Consul and Vault that further enhance security. These include using Vault’s PKI engine to generate, store and auto-rotate TLS certificates for Consul’s data plane and control plane. For Kubernetes environments, Consul also includes an integration to store and retrieve sensitive data from Vault rather than from Kubernetes secrets.

0:00 - Intro
0:25 - Service Identity
1:20 - Service mesh proxies
1:57 - Authorization
3:50 - Authentication & encryption (mTLS)
4:40 - Time-bound access
5:50 - Consul service mesh integration with Vault
6:30 - Vault PKI engine for dataplane
8:32 - Kubernetes secrets challenges
9:40 - Vault secrets management
10:42 - Summary/Outro

More of our whiteboard videos can be found here → HashiCorp Explains

Subscribe to our YouTube Channel → https://www.youtube.com/c/HashiCorp?s...

For hands-on interactive labs with Consul, visit HashiCorp Learn → https://learn.hashicorp.com/consul

HashiCorp provides infrastructure automation software for multi-cloud environments, enabling enterprises to unlock a common cloud operating model to provision, secure, connect, and run any application on any infrastructure. HashiCorp open source tools Vagrant, Packer, Terraform, Vault, Consul, Nomad, Boundary, and Waypoint allow organizations to deliver applications faster by helping enterprises transition from manual processes and ITIL practices to self-service automation and DevOps practices.

For more information → https://hashicorp.com

Product: HashiCorp Consul, Fullname: Van Phan

#ZeroTrust #ServiceMesh #Consul #Kubernetes #Vault
