Isovalent Cilium Enterprise: TLS Visibility
In this scenario, we are going to show how Isovalent Cilium Enterprise can provide visibility into TLS traffic.
In Security Audits, a company or team has to verify their application protects data in transit and doesn’t leak information during communication, especially when data leaves a sensitive internal network. Mechanisms like TLS ensure that data is encrypted in transit, but verifying that a TLS configuration is secure becomes a challenge for most companies.
In this lab, you will learn how Isovalent Cilium Enterprise can 1) identify the version of TLS being used, informing us if an obsolete and insecure version is being used, 2) report on the cipher being used and 3) export events in JSON format to SIEM.
Main steps in the lab
Let's explore the lab environment and verify the installation has been successful.
Let's use Tetragon and see the level of visibility we get out of the box.
Let's deploy a TracingPolicy to gain deeper insight into TLS communications.
Events can be exported to SIEM in the JSON format. Let's look at some of the standard event outputs.