Get The Fully Supported Service Mesh

Aspen Mesh provides the observability, security and scalability you need to operate service mesh in the enterprise, all in an easy-to-use package

 

Submit Your Resume

Upload your resume. (5 MB max - .pdf, .doc, or .docx)

mTLS and Service Mesh Security

mTLS: The Basics

When transitioning from a monolithic to microservices architecture, it’s important to consider that breaking applications into smaller pieces increases the surface area for attacks. 

Mutual Transport Layer Security (mTLS) addresses this security challenge by providing client and server side security for service to service communications, enabling organizations to enhance network security with reduced operational burden.

Service Mesh and Security

mTLSKubernetes provides basic secret distribution and control-plane certificate management, while service meshes like Istio can connect and secure the microservices running in your cluster.

As part of your security efforts, it’s important to provide encryption between services in the mesh. Service mesh provides defense with mutual TLS encryption of the traffic between your services so you can:

  • Automatically encrypt and decrypt requests and responses to remove that burden from your application developers
  • Improve performance by prioritizing the reuse of existing connections, reducing the need for the computationally expensive creation of new ones
  • Understand and enforce how services are communicating, and prove it cryptographically

A service mesh also provides other security-related services including adaptively routing L7 traffic and RBAC capabilities. 

mTLS and Aspen Mesh

Security is a critical issue. Aspen Mesh provides more than just client server authentication and authorization. It allows you to understand and enforce how your services are communicating. On top of that, our UI is built to show mTLS status at a glance.

We also help you to easily configure mesh-wide service-to-service authentication and end-user authentication. The default Aspen Mesh installation enables mesh-wide mTLS automatically without any code changes required. And our Istio Vet tool allows you to verify the configuration of your mesh so you can verify it’s secure. 

We’re here to set you up for success. More than just security tools, Aspen Mesh provides features including load balancing, service discovery, ingress and egress control, distributed tracing, metrics collection and visualization, policy and configuration enforcement, traffic routing, and enhanced security.

Download Aspen Mesh beta for free to get started.