SAN FRANCISCO--(BUSINESS WIRE)--Aporeto, the Zero Trust security solution for microservices, containers and the cloud, today announced its extensive integration with Istio, the open source service mesh platform that connects, manages and secures microservices at scale.
Istio’s service mesh is an open-source community-driven effort led by Google, IBM and Lyft that is designed to address the operational needs – observability, load-balancing and canary deployments – of deploying microservices at scale. Istio introduces security potential into containerized environments that are otherwise expensive and complex to develop from scratch, with the promise of enabling encryption across all applications, associated public key infrastructure (PKI) logic for transport layer security (TLS), and powerful application program interface (API) layer authentication and authorization capabilities.
Istio is pioneering the service mesh architecture that promises to simplify the operational complexities of managing and scaling applications across private and public clouds. While the project is still in its infancy, it is having profound impacts on cloud-native architectural decision making in organizations of all sizes. In order to get full value from the security potential which Istio offers, it is crucial to deploy Istio along with a uniform, distributed microservices security layer.
Aporeto’s comprehensive microservices security platform and deep integration with Istio, provides the first secure, automated and hybrid enterprise Istio deployment, allowing organizations to securely operationalize a service-mesh architecture. Based fully on upstream Istio, the Aporeto Istio deployment provides a unified interface for identity, policy management, and security controls, while enabling developers to continue using familiar APIs for traffic management. Strict separation of duties controls allows security and operations teams to share the responsibility of scalable Istio deployment. A hardened service identity platform eliminates cloud provider lock-ins.
“The promise and flexibility of service mesh architectures is revolutionizing traditional networking and transforming security architectures. Our customers are looking for methods to adopt these technologies and support enterprise grade deployments while simplifying operations and visibility in their service interactions,” explained Dimitri Stiliadis, Co-Founder and Chief Technology Officer. “With Aporeto for Istio we are offering another necessary level of security, visibility, monitoring, and operational simplicity for Istio operations.”
Aporeto support for Istio provides the following benefits on an Istio environment:
- Powerful and intuitive Istio authorization policy creation and management that leverages Envoy proxy for enforcement through an Aporeto Mixer adapter.
- Uniform security policy across heterogeneous environments, so that your Istio service mesh environment can securely integrate with other Kubernetes, virtualized and even non-containerized workload environments with external APIs.
- Enforcement of security policies in multi-cluster Istio environments to support customer applications requiring geo-redundancy or environmental segregation requirements.
- End to end visibility and audibility for your application communications across service mesh and non-service mesh environments helping with security compliance.
- Security vulnerability management, threat detection, behavioral profiling, security auditing, alerting and orchestration in Istio environments.
The Aporeto integration with Istio beta is available to select design partners and can be introduced transparently without any modifications of an operational service mesh.
For more information on Aporeto for Istio or to get involved, please visit the Aporeto website.
Aporeto is a Zero Trust security solution for microservices, containers and the cloud. Fundamental to Aporeto’s approach is the principle that everything in an application is accessible to everyone and could be compromised at any time. Aporeto uses identity context, vulnerability data, threat monitoring and behavior analysis to build and enforce authentication, authorization, and encryption policies for applications. With Aporeto, enterprises implement a uniform security policy decoupled from the underlying infrastructure, enabling workload isolation, API access control and application identity management across public, private or hybrid cloud. For more information, check out www.aporeto.com or www.twitter.com/aporeto.