Service Mesh: beyond the hype; beyond the cloud
Abstract
The service mesh may be a great solution, but what is the problem it is built to solve? Zero trust networks have long been an unrealised ambition; additionally, for many newcomers to the industry, the benefits of zero trust may not be obvious. In parallel, service mesh technology is getting a lot of hype; however, this is typically associated with cloud-based workloads, as this emerging technology is still poorly understood. Further, security teams have historically lacked pragmatic options to support their technology & business colleagues who wish to undertake Monolith to Microservice architecture transformation.

In this talk we will deconstruct, from a security-centric viewpoint, how a service mesh operates and how it can be used to significantly improve the security posture of your application & infrastructure, as we contrast this technology against the threats and risks posed to traditional on-premise networks and cloud-based technology. We will review multiple deployment methods across cloud and on-premise, including how this can assist in the monolith to microservice transition and how these two elements can be combined to unlock the long-held ambition of zero trust networking.

Finally, we discuss the inevitable trade-offs with maturing technology, understand where applications and infrastructure still remain vulnerable, and go beyond the hype to provide some real-world experience from a recent implementation and discuss what workload is appropriate for a service mesh deployment.

Speaker Bio: I love security, developers, applications and things in the cloud. Purveyor of DevSecOps through the conduit of Security Architecture; however, I'm not afraid to roll up my sleeves and muck in with developers, ops & SRE.