Connecting, securing, controlling, and observing microservice communication is tough. We make it accessible to all.
Security-related problems in production APIs with ≥1 incident in K8s environment
Of application development capacity wasted on undifferentiated heavy lifting.
Reduction in cost of downtime for organizations with leading observability practices
The truth about service connectivity is that choosing the right pattern matters.Service mesh is the right pattern. Let's look at the anti-patterns ...
Every hour you spend on developing and supporting networking infrastructure is an hour you lose in creating differentiated value for your own customers. DIY approaches to service connectivity waste time and produce inconsistent, error-prone results.
Routing internal network traffic through your existing centralized gateway might seem like an easy win for security and observability. In reality, hairpinning traffic through a legacy gateway slows down traffic, increases cost, and introduces a single point of failure into your distributed architecture.
While firewalls are an important part of network isolation and security configuration, they are heavyweight and inflexible tools to deploy for every service-to-service interaction. Ticket-based workflows for network admins to create new firewall rules kill velocity and result in partial solutions to service connectivity concerns.
Existing CNI implementations address L3 and L4 policy, but are deeply flawed at L7 and lack core security features such as mTLS. A comprehensive approach to service connectivity combines Network Policy with a service mesh to establish a defense-in-depth approach to network security, observability, and resiliency.
Ambient Mesh removes the need for sidecars while building upon Istio’s strengths.
Corporate contributor to Istio
Individual contributor to Istio
Total contributors to Istio
Technical Oversight Committee members
Steering Committee members
