Description

Discover how Gloo Platform can implement a service mesh zero trust architecture in this demonstration. We explore three components: a server API representing a protected service, a client API with legitimate access needs, and a bad actor exploiting traditional controls.

Initially, we observe the service mesh without access controls in place. Active network traffic flows without encryption, authentication, or authorization. Both the client API and the bad actor access sensitive data owned by the server API without restrictions.

Next, we apply a Gloo Platform access policy to secure the API. The policy enforces strict mutual TLS (mTLS) for access and specifies the allowed principles, in this case, the ZTA client API.

After applying the policy, we re-examine the traffic. The line between the client API and the server API is still green, indicating successful communication. However, it now features an mTLS lock icon, signifying encryption, strong identity for authentication and authorization. The bad actor encounters a red line, representing intercepted and denied requests by Gloo Platform.

To summarize, we transform an initially unsecured API into a secure one through Gloo Platform's access policy. The bad actor is denied access, while the legitimate client API communicates with the server API securely, employing encryption, authentication, and authorization using a robust mTLS identity.

Experience the power of Gloo Platform in implementing a service mesh zero trust architecture. Stay tuned for more informative content.