Securing Kubernetes API with SonicWall Cloud Secure Edge (CSE)
- Updated on May 31, 2024
Overview
Kubernetes (K8S) is an open-source system for automating deployment, scaling, and management of containerized applications. End users interact with K8S via the K8S API Server, typically using the kubectl client.
From a management perspective, K8S can be deployed in two flavors:
- Managed K8S - A cloud provider (such as AWS, Azure, GCP, DigitalOcean, etc.) provisions and manages the K8S cluster, tightly integrated with the cloud provider’s other offerings.
- Hosted K8S - An enterprise operations team runs a specific K8S distribution (such as RedHat OpenShift, VMware Tanzu, Mirantis, etc.) and is responsible for cluster management.
For connectivity, Cloud Secure Edge (CSE) treats the Kubernetes API as a TCP Service, using Mutually Authenticated TLS (MTLS) flows to provide secure Zero Trust access.
CSE can also be configured to leverage the OIDC authentication capability built into K8S.