Open Source Istio Graduation, Formalization of NIST Standards and Breadth of Service Mesh Offerings Deliver the Zero Trust Blueprint
WASHINGTON, Sept. 6, 2023 /PRNewswire-PRWeb/ — BILLINGTON CYBERSECURITY SUMMIT—With recent advancements in open source service mesh technology, applications like zero trust are coming into focus at the Billington Cybersecurity Summit in Washington DC this week. Tetrate, the company bringing Istio and Envoy to the enterprise, recently completed a collaboration with the National Institute of Standards and Technology (NIST) to define a zero trust architecture blueprint based on open source service mesh technology.
Three recent advancements in zero trust for software developers working for federal agencies are coming into focus at the event, including:
- 1. The development of zero trust architecture standards as detailed in the NIST special publication 207A.
- 2. The graduation of open source Istio service mesh by the Cloud Native Computing Foundation. Istio is the core technology underpinning the NIST zero trust standard.
- 3. The release of Tetrate Service Express, powered by Istio and available to federal contractors and agencies implementing zero trust according to the NIST standard. The launch compliments the availability of Tetrate Istio Subscription (TIS), a popular choice among organizations that want support designing and operating their own Istio deployments for Federal projects, including the US Air Force.
In June, the White House released its cybersecurity investment priorities for fiscal 2025. The priorities align with the Federal Zero Trust Strategy released in 2022, which seeks to ensure cybersecurity practices are in place and every access attempt is verified on federal systems and networks. The priorities encourage federal agencies to adopt provisions of the National Cybersecurity Strategy for their upcoming budget and planning cycles. The memo calls on the federal government to modernize its information technology systems by investing in “durable, long-term solutions that are secure by design.”
Additionally, in July, the Cybersecurity and Infrastructure Security Agency (CISA) released an updated Zero Trust Maturity Model (ZTMM). ZTMM 2.0 assists organizations in implementing zero trust policies into their operations.
Taken together, this collection of recent technical advancements and policy guidance provide a clear roadmap for implementation and operation of zero trust architecture for anyone tasked with security applications and infrastructure for the US Federal government.
TIS is the first and only 100% pure upstream Istio distribution to achieve FIPS verification and is hardened for use in enterprise and FedRAMP environments. Tetrate’s engineers bring a deep understanding and expertise of Istio, offering comprehensive support and guidance via the TIS offering.
The engineering leadership team at Tetrate has been deeply involved in the development of Istio from the beginning, as well as instrumental in Istio’s adoption in some of its largest, most mission-critical deployments at organizations like the US Department of Defense and Informatica. Over the last year, Tetrate engineers contributed more code to the Istio and Envoy proxy projects than any other company other than Google.
NIST defines zero trust architecture as a security model, a set of system design principles and a coordinated cybersecurity and system management strategy based on an acknowledgement that threats exist both inside and outside traditional network boundaries. The zero trust security model eliminates implicit trust in any one element, component, node or service and instead requires continuous verification of the operational picture via real-time information from multiple sources to determine access and other system responses.
Meet with the Tetrate team at the Billington Cybersecurity Summit in booth #137 in the Carahsoft Partner pavilion and learn more about implementing zero trust architecture for Federal projects in compliance with White House cybersecurity investment priorities and the Federal Zero Trust Strategy, with the guidance of NIST standards and Tetrate support.
Rooted in open source, Tetrate was founded to solve the application networking and security challenges created by modern computing so enterprises can innovate with speed and safety in hybrid and multicloud environments. As applications evolve into collections of decentralized microservices, monitoring and managing the network communications and security among those myriad services becomes challenging. This is why some of the largest financial institutions, governments and other enterprises rely on Tetrate to deliver modern application networking and security. Find out more at http://www.tetrate.io.