Proposed by: Rohit Ghumare

What's a Zero-Trust Tunnel? SimpleOps and SecOps with Ambient Mesh

A huge driver for service mesh adoption is security compliance. Large enterprises in heavily regulated industries or the public sector must adopt practices like zero-trust security for its application networks. A Service mesh platform such as CNCF's Istio project are growing in popularity as a vehicle for meeting these challenges.


In 2022, Google and Solo.io announced Istio Ambient Mesh to the community. Ambient offers a revolutionary data-plane architecture that allows service mesh users to ditch sidecars. A zero-trust posture is achieved, operational complexity is reduced, mesh adoption is incremental, all while reducing cost and computational overhead within a service mesh.


This talk with demo, will illustrate and articulate Ambient Mesh and two new layers: a zero-trust tunnel (ztunnel) that secures Layer 4 connectivity and a waypoint proxy that delivers Layer 7 security policies.

Source code/Reference: http://devopsguys.in

Talk duration: