Kubernetes namespaces - they’re an essential feature for building modern cloud architectures. Namespaces let you split up a single cluster into multiple “virtual clusters”. Resources like pods, replicasets, and deployments all live in namespaces. You can think of a namespace as being a resource’s last name - it specifies which family the resource is part of - and normal resources can have one and only one namespace (There are exceptions like the Node resource which is cluster-wide and doesn’t belong to any namespace). If you don’t think you’re using namespaces on your cluster then you’re wrong. You’re actually just putting everything into the default namespace.
Three Ways to Simplify and Secure your Infrastructure using Kubernetes Namespaces
Jul 24, 2020 5:59:56 AM / by Natan Yellin posted in kubernetes, Micro segmentation, microservices, network security, Kubernetes security, namespaces
Micro-segmentation for Better Cloud Security
Oct 10, 2018 5:20:56 AM / by Tal Rom posted in cloud security, Micro segmentation, workload protection
Micro-segmentation is an emerging practice that is quickly becoming a critical facet of cloud security. Its objective is not only to prevent compromise, but also to deal with what happens after compromise occurs. The purpose of micro-segmentation is to isolate applications and services from one another in order to prevent attackers from achieving their goals—even if they succeed in initially breaching the organization’s IT defenses.