Zack Butcher, a founding engineer at Tetrate, said government agencies looking to implement a zero trust architecture to improve their cybersecurity posture should adopt an infrastructure layer called service mesh.
He wrote in an article published on Carahsoft.com that a service mesh like Istio could enable agencies to intercept network traffic among applications and implement identity-based segmentation.
Butcher discussed how the company’s Tetrate Service Bridge helps operationalize the service mesh in support of the U.S. Air Force and other components of the Department of Defense.
He noted that the Air Force has been using Tetrate to ensure the security of its cloud platform with single sign-on for mission apps, runtime service authorization and authentication, and FIPS-compliant encryption in transit, all without making changes to mission application code.
According to Butcher, a service mesh could help teams working on mission-critical applications update such apps more safely and rapidly.
“The security team can incorporate security measures while the networking and platform teams can update load-balancing settings or facilitate networking between different data centers or clouds,” he added.
Butcher is co-author of the National Institute of Standards and Technology’s Special Publication 800-200 series and SP 800-207A about zero trust.