Network Policy Security Tutorials

• Identity-Aware and HTTP-Aware Policy Enforcement
  • Setup Cilium
• Locking Down External Access with DNS-Based Policies
  • Setup Cilium
  • Deploy the Demo Application
  • Apply DNS Egress Policy
  • DNS Policies Using Patterns
  • Combining DNS, Port and L7 Rules
  • Clean-up
• Inspecting TLS Encrypted Connections with Cilium
  • Setup Cilium
  • Deploy the Demo Application
  • A Brief Overview of the TLS Certificate Model
  • Generating and Installing TLS Keys and Certificates
  • Apply DNS and TLS-aware Egress Policy
  • Demonstrating TLS Inspection
  • Clean-up
• Securing a Kafka Cluster
  • Setup Cilium
  • Deploy the Demo Application
  • Setup Client Terminals
  • Test Basic Kafka Produce & Consume
  • The Danger of a Compromised Kafka Client
  • Securing Access to Kafka with Cilium
  • Clean Up
• Securing gRPC
  • Setup Cilium
  • Deploy the Demo Application
  • Test Access Between gRPC Client and Server
  • Securing Access to a gRPC Service with Cilium
  • Clean-Up
• Securing Elasticsearch
  • Setup Cilium
  • Deploy the Demo Application
  • Security Risks for Elasticsearch Access
  • Securing Elasticsearch Using Cilium
  • Clean Up
• Securing a Cassandra Database
  • Setup Cilium
  • Deploy the Demo Application
  • Step 3: Test Basic Cassandra Access
  • The Danger of a Compromised Cassandra Client
  • Securing Access to Cassandra with Cilium
  • Cassandra-Aware Visibility (Bonus)
  • Clean Up
• Securing Memcached
  • Setup Cilium
  • Step 2: Deploy the Demo Application
  • Step 3: Test Basic Memcached Access
  • Step 4: The Danger of a Compromised Memcached Client
  • Step 5: Securing Access to Memcached with Cilium
  • Step 6: Clean Up
• Locking Down External Access Using AWS Metadata
  • Setup Cilium
  • Create AWS secrets
  • Configure AWS Security Groups
  • Create a sample policy
• Creating Policies from Verdicts
  • Setup Cilium
  • Deploy the Demo Application
  • Enable Policy Audit Mode (Entire Daemon)
  • Enable Policy Audit Mode (Specific Endpoint)
  • Observe policy verdicts
  • Create the Network Policy
  • Disable Policy Audit Mode (Entire Daemon)
  • Disable Policy Audit Mode (Specific Endpoint)
  • Verify Policy Audit Mode Is Disabled
  • Clean-up
• Host Firewall
  • Enable the Host Firewall in Cilium
  • Attach a Label to the Node
  • Enable Policy Audit Mode for the Host Endpoint
  • Apply a Host Network Policy
  • Adjust the Host Policy to Your Environment
  • Disable Policy Audit Mode
  • Clean Up