New trends in how applications are operated, driven primarily by containerization and by running without traditional servers, have a significant impact on how applications are designed, networked and secured. Network policies can no longer be managed only at the classic level of network elements. Existing attack-protection tools, known as WAFs (Web Application Firewalls), cannot protect against errors and communication of the applications themselves and their APIs. This creates the need for a new security approach focused on applications and their API communication.
The training focuses on an introduction to the issues of management, analysis and operation of globally distributed applications and their API interfaces.
The Application Security and Multi-Cloud Networking training is built as an introduction to the new approach to securing applications and their APIs. It deals with current trends in containerization and distributed applications running in different clouds or locations. DevOps and NetOps engineers and architects will gain insight into the latest approaches to API security, multi-cloud and service mesh. Most of the topics are demonstrated in live labs in the SaaS Volterra environment, where each participant has the opportunity to try everything in a dedicated tenant.
Target audience:
• NetOps
• DevOps
• IT systems designers
Prerequisites:
General knowledge of networks, firewalls, the concept of microservices and application APIs.
Module 1: Introduction to distributed application networking
– Trends in Cloud Native (transition from static monolithic applications to dynamic distributed microservices)
– Service discovery and multi-cloud networking (connectivity between public cloud AWS and on-premise)
– The concept of ADN (Application Delivery Network) – Deployment of micro services across several locations
– Definition of origin pool
– Delegation of domains with automatic certificate generation
– HTTP Load Balancer (Anycast L7 load balancing)
– TCP Load Balancer
– Service Mesh in a multi-cloud environment
– Observability and Troubleshooting – Analysis of metrics and logs in a microservices environment and their use in troubleshooting
Module 2: Application security
– Key principles for securing applications and their APIs
– Web Application Firewall Concept (Filtering, monitoring and blocking HTTP traffic)
– Use Service Policies to define intent instead of standard IP / port firewall rules
– Discovery of application communication and automatic generation of service policies
– Use Captcha or Javascript Challenge to protect web applications
– Identification of PII (personally identifiable information) data in API communication
– Anomaly detection and machine learning within the service mesh
– Definition of Rate-Limiting to protect against L7 DDoS attacks
– Fast ACL and protection against L7 attacks
Note:
Each student is assigned their own virtual lab environment.
Additional details:
To attend this course, you need to have:
• PC/Laptop with internet access
• Updated web browser
• Any OS supported by `kubectl` binary
• SSH client
Application security and multi-cloud networking
CATEGORY: Security Course
DURATION: 2 days
SKILL LEVEL: Specialized
LECTURES: 2 lessons
PRICE: 840 €