CIO Influence
CIO Influence News Cloud Security

Buoyant Introduces Secure, Zero Trust Network Policies for Kubernetes in Linkerd 2.11 and Buoyant Cloud

Buoyant Introduces Secure, Zero Trust Network Policies for Kubernetes in Linkerd 2.11 and Buoyant Cloud
New releases enhance security and management of network traffic within and across Kubernetes clusters

Buoyant, the creators of the world’s lightest and fastest service mesh, Linkerd, unveiled new security features in Linkerd and in Buoyant Cloud, its SaaS platform for running Linkerd in mission-critical environments. These features include the launch zero-trust network policies in the new Linkerd 2.11 release as well as the addition of new network policy management capabilities in Buoyant Cloud.

“The network policy features in Linkerd 2.11 allow Kubernetes operators to control which types of network traffic are allowed in their cluster in a way that follows zero-trust principles and builds directly on top of the cryptographic authentication and encryption provided by mutual TLS,” said William Morgan, CEO and cofounder of Buoyant. “With the addition of new policy and traffic management features to Buoyant Cloud, this means that Kubernetes users everywhere can easily manage the encryption, identity, and authorization of all traffic on their clusters in a way that was never possible before.”

Top AIOps News: Synaptics Accelerates Low Power Edge AI Deployment with Edge Impulse Partnership

While Kubernetes include some built-in mechanisms for restricting network communication, these features are based on low-level information such as the IP address and can express only a limited range of policies. In contrast, Linkerd’s network policies use the cryptographically-secure identities provided by mutual TLS (mTLS) to provide encryption and fine-grained identity while capturing a wide range of behaviors. For example, Kubernetes users can ensure that access to a sensitive service comes from a specific namespace or service account; that all communication to a service is secured by mTLS; and more. In accordance with the principles of zero trust, Linkerd’s encryption, authentication, and authorization are all enforced at the most granular level—that of the pod receiving the traffic.

“Linkerd’s new traffic policies can enable us to secure our Kubernetes clusters in a way that we couldn’t easily accomplish before,” said Christian Hüning, Director of Cloud Technologies at finleap connect, a leading financial services provider in Europe. “Security and compliance are core values for us, and Linkerd and Buoyant Cloud allow us to provide best-in-class security based on zero trust principles for our customers.”

Top iTechnology Netwroking News: Lightbits Labs Delivers Industry’s First Software-Defined NVMe/TCP Storage Solution for VMware

Paired with the release of Linkerd 2.11 is the launch of new features in Buoyant Cloud that allow Linkerd users to manage their policies and to monitor the effect they have on the traffic in their clusters. With Buoyant Cloud, users can now easily verify the policies that are in effect for each allowed or attempted type of traffic on their cluster, and detect anomalies such as unexpected plaintext traffic or policy violations. Combined with Buoyant Cloud’s existing feature set, these features reinforce Buoyant Cloud’s role as an essential tool for security-conscious Linkerd operators.

In addition to the network policy enforcement features, Linkerd 2.11 also introduces several improvements and performance enhancements, which include retries for gRPC calls, a fix for container startup ordering issues, and further reductions in Linkerd’s data plane and control plane resource usage—building on its demonstrated ability to be many times smaller and faster than other service meshes such as Istio.

Top iTechnology Netwroking News: Syntiant Brings Artificial Intelligence Development to Everyone, Everywhere with Introduction of TinyML Platform

Related posts

Expereo Acquires Global Managed Internet Access Provider, Brodynt

Orion Innovation Names Horst Gallo Chief People Officer

IDG CIO Think Tank on 5G in the Enterprise Delivers Deep Insights into the Future of 5G at Work

CIO Influence News Desk

Leave a Comment