October 11, 2021
Los Angeles, California + Virtual
View More Details Registration

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2021 - Los Angeles, CA + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Standard Time (PST), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.

IMPORTANT NOTE: Timing of sessions and room locations are subject to change through Monday, September 13 due to schedule changes that will be made as speakers finalize whether speaking in person or virtually.
Back To Schedule
Monday, October 11 • 9:10am - 9:40am
Using Envoy as an Egress Proxy for TLS Enabled Traffic - Amit Jain & Kiran Kumar, VMware

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Modern apps are increasingly relying on using external 3rd party services (such as Twilio for e.g) and shared cloud services (such as S3 for e.g.). External interactions are important not only for security but for the app's continuity and resiliency as well. The use of Envoy as an egress proxy for external interactions has been limited though, mostly as the external interactions are TLS protected and Envoy is not able to decrypt the external TLS sessions. This session demos a solution that enables Envoy as an egress proxy for external access. It builds upon a combined approach of deploying Envoy as a transparent egress sidecar proxy along with the SSLproxy (github.com/sonertari/SSLproxy). In this approach, SSLproxy acts as a transparent TLS interception proxy and Envoy provides traffic management & security on the decrypted traffic. We dive into the traffic stitching mechanism and a new Envoy listener filter that acts as the glue between Envoy and SSLproxy and extends Envoy for the integrated solution.

avatar for Kiran Kumar

Kiran Kumar

Software Architect, VMware
Kiran is a software architect at VMware. Prior to joining VMware, worked at Mesh7 (acquired by VMware), a cloud-native application security company.
avatar for Amit Jain

Amit Jain

Director Of Research & Development, VMware
Amit Jain is currently leading App Security & Services team for Modern Cloud-Native apps at VMware. Prior to joining VMware, Amit Jain founded Mesh7 (acquired by VMware), a cloud-native application security company, and served as the CTO.Amit has 20+ yrs. of experience in architecting... Read More →

Monday October 11, 2021 9:10am - 9:40am PDT
Room 502 AB + Online