Leveraging Envoy for Micro-Segmentation Security Policies in Financial Services

Explore a conference talk on implementing micro-segmentation-based security policies using Envoy. Learn how JPMorgan Chase leverages Envoy's routing capabilities and filters like JWT Authentication and External Authorization to manage complex security requirements across different zones. Discover the use of AWS X-Ray Tracer for enhanced observability and the implementation of token exchange using the External Processor filter with Golang gRPC. Understand how Envoy has become a strategic tool for operating in high-security environments, replacing custom proxy implementations and providing long-term viability for potential Istio adoption. Gain insights into the cost savings, improved performance, and maintainability achieved through this Envoy-centric approach, and its potential as an evolving pattern in broader organizational security architecture.

Introduction
Companywide security policy
Filter chain
UDS support
Challenges
WebAssembly