So what is a service mesh?
As applications are decomposed from monoliths, all of the resulting microservices need new tools to address the connectivity challenges that arise in handling distributed services. Modern applications are often composed of tens, hundreds, or more microservices that run in containers distributed on-premises and in the cloud. An Istio service mesh defines both the control plane (to configure desired service connectivity and behavior) and the data plane (to direct traffic, enforce security rules, and provide observability).
Istio has had years to mature into a robust solution for enterprise environments, but also continues to develop many new innovations with releases on a quarterly cadence. Enterprise Istio service mesh management enhances basic open source Istio with long-term production support, multi-cluster capabilities, advanced/federated security with FIPS-ready builds, software lifecycle management, and everything else you need for successful Day 2 operations.
Application networking is a team sport
While not strictly a security feature of a service mesh, one important consideration is the availability of enterprise support and defined service-level agreements (SLAs) for response. Community support for open source software itself doesn’t meet the requirements for production deployments, so you need a vendor on standby to help you out. Inevitably there will be issues and when a CVE (common vulnerabilities and exposures) incident is discovered, it is reassuring to know that someone can quickly patch your code and even backport the fix to older versions if you haven’t kept up with the rapid pace of new releases.
What is a service mesh?
What is Istio?