Hacker News new | ask | show | jobs
by Spearchucker 3320 days ago
I agree with your point about layer 3 networking being unable to easily tackle these problems. I question though, whther Istio is "all that".

Securing an endpoint without requiring changes within the endpoint has been done for some time - Whale Communications, which became Unified Access Gateway, F5 Big IP, IBM DataPower... They are called web application firewalls, and unless I'm missing something Istio is no more than that, but targeted at micro services.
1 comments
spullara 3319 days ago
You are missing experience working in an environment with endpoint scale. You can't configure the O(N^2) paths between application instances changing every hour with those kinds of systems.
link
grays 3319 days ago
More information here: https://istio.io/blog/istio-auth-for-microservices.html
link