Network Security at Scale: L3 Through L7 at Splunk

Explore Splunk's comprehensive network security architecture in this 31-minute conference talk from KubeCon + CloudNativeCon Europe. Dive into the challenges of securely connecting multiple clusters across cloud providers at scale while maintaining agility. Learn about balancing Layer 3 and Layer 4 security with Layer 7 flexibility and identity needs. Discover Splunk's networking stack, from multi-cloud VPCs for L3 to Istio for L4 and L7. Examine topics such as VPC configurations, network ACLs, Kubernetes nodes, security groups, ingress connectivity, and cloud connectivity using Aviatrix. Gain insights into Kubernetes deployment, network policies, Istio Service Mesh, gateway provisioning, and Layer 7 authentication. Understand the life cycle of an ingress request, proxy management, and the benefits of Istio Ambient design in reducing user pain. Explore defense strategies at every layer and how Splunk balances security with flexibility in their modern cloud-native environment.

Intro
Standard VPC
Network ACLS
Kubernetes nodes
Security Groups
Ingress connectivity
Internal connectivity (transit gateway)
Cloud connectivity (Aviatrix)
Aviatrix Network Domains
Kubernetes deployment
ValidatingWebhook
NetworkPolicies on K8S
Istio Service Mesh
Gateway provisioning
Ingress setup
Service abstraction layer
Layer7 Authentication
Life of an ingress request
Running One Proxy Per Instance
Managing the Magic
Ambient Reduces User Pain
Defense at Every Layer