DEV Community

Discussion on: Security in times of Docker & K8s; tech debt; & embedded integration frameworks

Paulo Renato

Terminating encryption (SSL/TLS) at the load balancer is another security risk. If using a Kubernetes cluster, move the TLS termination into the cluster and then encrypt all traffic within the cluster.

People always laugh at me when I recommend this :(

But these kinds of people just learn the hard way, aka after they have been breached and paid a huge fine, because if no monetary losses are involved they may continue with the same attitude... Sadly, I have seen this happen.

Arpit Mohan

Generally, there's a lot more chatter on an internal network than on public networks. TLS within a private network definitely provides greater security, but how do you contend with the performance loss of encrypting and decrypting internal traffic?