Partner Content Speed is a critical success factor for application development teams modernizing to keep up with rapid changes in technology and market demands.
Delivering that type of agility alongside speedier development cycles often relies on a move away from monolithic architectures toward microservices.
The transition from monoliths to microservices holds significant implications for app security due to the growing usage of application programming interfaces (APIs), in themselves central to application modernization efforts. These APIs can be vulnerable attack targets, exposing application logic and sensitive data to other apps or third parties.
Organizations transitioning from traditional virtual machines (VMs) to more agile Kubernetes-based container environments can also find it difficult to seamlessly integrate modern DevSecOps and continuous integration, continuous delivery (CI/CD) practices with traditional VMs and API gateways.
Cross-vendor fabric to secure APIs
To simplify the deployment and administration of Kubernetes infrastructures, F5 has introduced the NGINX Gateway Fabric, an open source app connectivity tool that enables organizations to streamline and simplify app, service, and API connectivity within Kubernetes clusters via the data plane.
The NGINX Gateway Fabric is also designed to address limitations of current and native traffic management capabilities. Community feedback and use cases have prompted F5 to create new functions including Layer 4 routing capabilities which route external traffic to services in a cluster, and features to support service networking and new API protocols.
Fun fact - Gateway API is an open source project which F5 NGINX took an active role in driving alongside with the Kubernetes Network Special Interest Group (SIG Network) community. The ultimate goal of the project is to increase the utilization of Kubernetes platforms and ensure a more seamless operational workflow for end users.
API usage growth increases the need for API gateways. The F5 NGINX Plus cloud-native reverse proxy, load balancer and API gateway delivers adaptable and dynamic load balancing, while F5 NGINX security tools protect apps behind API gateways across distributed environments.
For organizations already using NGINX Plus as an API gateway and load balancer, deploying NGINX App Protect means that protection can be added with the least amount of complexity and lowest latency.
The NGINX App Protect runs natively on NGINX Plus and NGINX Ingress Controller to protect microservices-based apps and APIs from advanced Layer 7 attacks across distributed architectures and hybrid cloud environments. The solution seamlessly integrates into DevOps environments as a web application firewall (WAF) and Layer 7 denial-of-service (DoS) defense. It also ensures that the payload remains fully encrypted across public networks until it gets decrypted at the API gateway.
Promising pipeline
With the NGINX Gateway Fabric, a project that began in 2021, F5 envisions unified north-south and east-west Kubernetes connectivity in the Gateway API. While the Gateway API remains a collaborative effort across vendors and projects, F5 continues to work on the native NGINX implementation of the API.
F5 aims to deliver consistent application security and application services as well as application delivery and API management capabilities across an enterprise's datacenters, private clouds and public clouds. It plans to bridge the divide between NetOps and DevOps and to implement security automation by enabling DevOps to use declarative policies created by SecOps to integrate security as code into CI/CD pipelines.
These efforts should enable organizations to fully tap on the benefits of cloud-native apps and modern microservices architecture by fostering company-wide agile mindsets and DevOps methodologies while supporting multiple autonomous teams responsible for the end-to-end delivery cycle.
Contributed by F5.
https://www.theregister.com//2024/05/31/charting_a_smoother_secure_microservices/
Created by Tan KW | Nov 16, 2024
Created by Tan KW | Nov 16, 2024
Created by Tan KW | Nov 16, 2024
Created by Tan KW | Nov 16, 2024
Created by Tan KW | Nov 16, 2024
Created by Tan KW | Nov 16, 2024
Created by Tan KW | Nov 16, 2024