Network Security for Apps on OpenShift

Explore network security strategies for applications on OpenShift in this 53-minute Red Hat conference talk. Delve into crucial enterprise concerns about adopting container platforms in production, including securing application tiers, restricting external service connections, and safeguarding ingress. Examine various networking scenarios, system samples, and network security zones. Learn about separate cluster zones, egress management at project level, Egress Firewall implementation, and OpenShift Router configurations. Discover IP whitelisting techniques, Node Port approaches, and IPSec integration. Investigate application-level and Layer 7 security measures, and understand how service mesh enhances overall network security in OpenShift environments.

Introduction
Agenda
OpenSDM
Networking scenarios
System sample
Summary
Network security zones
Separate cluster zone
Other options
How does Egress happen
Project level Egress
Egress Firewall
OpenShift Router
IP Whitelisting
Node Port Approach
Type as External IP
IPSec
Application level
Layer 7 security
Network security
Service mesh
Security