Securing Kubernetes Ingress Traffic for Public-Facing Microservices Using TLS Termination and WAF Integration
Author(s): Charan Shankar Kummarapurugu
Publication #: 2411037
Date of Publication: 03.03.2020
Country: USA
Pages: 1-9
Published In: Volume 6 Issue 2 March-2020
DOI: https://doi.org/10.5281/zenodo.14183876
Abstract
As Kubernetes has become a leading platform for managing containerized microservices, securing the flow of external traffic into these systems has grown increasingly important. Public-facing microservices are particularly exposed to threats like data breaches, Distributed Denial of Service (DDoS) attacks, and unauthorized access. This paper presents a solution that combines Transport Layer Security (TLS) termination and a Web Application Firewall (WAF) to address these security challenges. TLS termination ensures that communication between users and services remains encrypted, protecting data in transit, while the WAF offers an additional safeguard by analyzing incoming HTTP/HTTPS traffic for potential threats. The proposed architecture integrates seamlessly with Kubernetes, using automated tools for managing TLS certificates and applying WAF rules. Through performance benchmarks and security tests, this study demonstrates that the approach effectively balances robust security with low latency, making it a viable option for deployment in enterprise-grade Kubernetes environments. The results highlight the practical benefits of the solution, offering improved protection without compromising on performance.
Keywords: Kubernetes, Microservices, Ingress, TLS Termination, Web Application Firewall (WAF), Security