Securing Your Istio Clusters

Filling Critical Gaps in Visibility, Security and Policy Management

Octarine complements Istio to ensure you have the security you need to optimize the value of your Kubernetes deployments. The enterprise-grade security capabilities of Octarine give you total visibility and control over all your containers, regardless of where or how they are deployed, so you can effectively enforce policies in support of your security and compliance initiatives.

Total Visibility

Octarine helps you visualize your overall topology and policies, so you can quickly understand what’s going on and can make good, effective decisions that align with your corporate and security policy needs. With Octarine, you have a complete picture of all your service-to-service communications. There are no gaps or guesses – you can zoom in and easily get all the details you need, down to the API-level, so you can see individual service instances, load, and failures, both current and past, to see what’s really happening.

Adaptive Policy Management

Octarine’s policy engine makes it easy to set and quickly adapt rules based on changes observed in the environment to optimize enforcement. There are granular controls over who can create or modify rules, with a complete audit trail for all policy creation and modification. Octarine’s policy engine can also automate policy creation and tuning for you to keep access control as tight as possible, without disrupting legitimate traffic.

Istio to Non-Istio Communication

Octarine was designed to be deployed in a wide variety of environments, including container- based, VM-based and serverless. Since its authentication framework is implemented via a layer 7 proxy, Octarine can operate within complex network topologies, including NAT, API gateways, and proxies, which are common when interacting with services outside of a single cluster.

Communication Using a Message Broker

Octarine is able to monitor and control interactions through a broker, such as RabbitMQ, Kafka or NATS. This allows you to see how and which services are accessing the broker, providing visibility into the specific message queues (AKA topics, subjects) managed by the broker. As a result, you have control over which services can be producers and consumers from each queue.

The Power of the Istio – Octarine Combination

When Istio and Octarine are deployed together, you can:

  • Mitigate Risks – know that you have full visibility into your cloud-native environment, so you can identify and reduce the risks posed by vulnerabilities and attacks.
  • Maintain Compliance – create and enforce content-based policies to protect the privacy and integrity of your sensitive and regulated information.
  • Reduce Costs – minimize operational complexity and management costs with adaptive policy management that keeps your data secure and minimizes the impact of any threats to your environment.

Download Datasheet
Istio Security