SlideShare a Scribd company logo

Military Edge Computing with Vault and Consul

Mitchell Pronschinske
Mitchell Pronschinske

Learn how Vault and Consul make sense in military scenarios, where edge computing, loose coupling, and resilience are crucial.

1 of 29
Downloaded 17 times
Copyright © 2019 HashiCorp Securing The Edge: Military Computing Systems Timothy J. Olson - SE, Public Sector
Secrets Management for Tactical Systems Providing secure edge computing to warfighters Provide secrets management to tactical units for battlefield management and secure communication workflows ▪ Operable in Isolation Operational in the face of long-term losses of connectivity with infrastructure ▪ Resilient Secure against possible physical compromise ▪ Easy to Use Requires little/no development support from warfighter users
Solution: Vault + Consul Leverage Vault and Consul to provide highly available, resilient, and secure access to tactical computing systems at the edge ▪ Centrally manage and distribute K/V secrets to warfighters using Vault Agent Caching and Templating ▪ Replicate secrets and perform distributed consensus via Vault Replication ▪ Leverage Consul to perform service discovery and networking of Vault across tactical IP networks
Evolving application workload delivery Challenge How to deliver Enterprise to Edge applications securely and consistently? Solution Embracing a new operating model for dynamic cloud architectures: a cloud operating model. PHYSICAL VMs CONTAINERS SERVICES APP SERVER CLOUD NATIVE SERVERLESS EDGE DEVICES Run Development Connect Networking Secure Security Provision Operations Dedicated Infrastructure Scheduled across the fleet Host-based Static IP Service-based Dynamic IP High trust IP-based Low trust Identity-based Dedicated servers Homogeneous Capacity on-demand Heterogeneous STATIC/FIXED DYNAMIC
Evolving application workload delivery vSphere Hardware IP: Hardware vCenter vSphere Various Hardware Identity: AD/LDAP Terraform EKS / ECS Lambda CloudApp/ AppMesh Identity: AWS IAM Cloud Formation AKS / ACS Azure Functions Proprietary Identity: Azure AD Resource Manager GKE Cloud Functions Proprietary Identity: GCP IAM Cloud Dep. Manager Challenge How to deliver Enterprise to Edge applications securely and consistently? PHYSICAL VMs CONTAINERS SERVICES APP SERVER CLOUD NATIVE SERVERLESS EDGE DEVICES Solution Proprietary solutions reduce flexibility and creates complexity across vendors Run Development Connect Networking Secure Security Provision Operations DEDICATED HYBRID/MULTI CLOUD EDGEENTERPRISE
Evolving application workload delivery Networking Security Infrastructure Orchestration Challenge How to deliver Enterprise to Edge applications securely and consistently? Solution Establish central shared service platforms with a single control plane, and consistent workflows. PHYSICAL VMs CONTAINERS SERVICES APP SERVER CLOUD NATIVE SERVERLESS EDGE DEVICES EDGEENTERPRISE
A Common Operating Model with the HashiCorp Suite Provision Operations Secure Security Connect Networking Run Development Private Cloud AWS Azure GCP
Cloud Operating Model Shared Services Multi Cloud Infrastructure Automation — Infrastructure as code Compliance & management Self service infrastructure Provision / Operations Multi Cloud Security Automation — Identity-based security Secrets management Encryption as a service Advanced data protection Secure / Security Multi Cloud Networking Automation — Common service registry Service registry and discovery Network middleware automation Service mesh Connect / Networking Multi Cloud Application Automation — Workload orchestration Container orchestration Heterogeneous orchestration Run / Development
Vault: Security Automation Provides the foundation for cloud security that uses trusted sources of identity to keep secrets and application data secure in the cloud operating model Secrets management to centrally store and protect secrets across clouds and applications Data encryption to keep application data secure across environments and workloads Advanced Data Protection to secure workloads and data across traditional systems, clouds, and infrastructure.
Vault: Hybrid / Multi-Cloud Security Secure Multi Cloud Security ● Hybrid / Multi Cloud Secrets Management ○ Enables teams to securely store and tightly control access to tokens, passwords, certificates, and encryption keys for protecting machines and application ● EaaS: Encryption as a Service
Single Control Plane for cloud security ● Automate, control, and secure infrastructure and applications through one API ● Unified support across heterogeneous environments ● Integrate with providers and technologies you’re already using
© 2018 HashiCorp Vault Agent VAULT APPROACH TO DYNAMIC INFRASTRUCTURE 12 Vault Agent is a client daemon that provides the following features: ● Auto-Auth - Automatically authenticate to Vault and manage the token renewal process for locally-retrieved dynamic secrets. ● Caching - Allows client-side caching of responses containing newly created tokens and responses containing leased secrets generated off of these newly created tokens. ● Templating - Allows rendering of user supplied templates by Vault Agent, using the token generated by the Auto-Auth step.
© 2018 HashiCorp Vault Agent Caching VAULT APPROACH TO DYNAMIC INFRASTRUCTURE 13 Vault Agent Caching can cache the tokens and leased secrets proxied through the agent which includes the auto-auth token. This allows for easier access to Vault secrets for edge applications, reduces the I/O burden for basic secrets access for Vault clusters, and allows for secure local access to leased secrets for the life of a valid token
© 2018 HashiCorp Vault Agent Templates VAULT APPROACH TO DYNAMIC INFRASTRUCTURE 14 Vault Agent Templates allows Vault secrets to be rendered to files using the Consul Template markup language. This significantly simplifies the workflow when you are integrating your applications with Vault.
Consul Provides a foundation of cloud network automation using a shared registry for service based networking 50k+ Used at scale with 50k+ agents 1M+ Monthly D/Ls Service registry & health monitoring to provide a real-time directory of all services with their health status Network middleware automation with service discovery for dynamic reconfiguration as services scale up, down or move Zero trust network with service mesh to secure service-to-service traffic with identity-based security policies and encrypted traffic with Mutual-TLS
The Shift from Static to Dynamic Networking ● Modular services with dynamic IPs, running on bare metals, VMs, containers... ● 85% of volume from complex east-west traffic* ● No clear network perimeters
Consul: Hybrid / Multi-Cloud Service Networking (MESH) Connect Hybrid/Multi Cloud Service Networking ● Consul provides a hybrid/multi-cloud service networking layer to connect and secure services ● Service Registry & Discovery ○ Common service registry ○ Integrated health checks ○ DNS and API interfaces to enable any service to discover and be discovered by other services. ● Consistent registry and discovery of services across multi-data center, cloud, and platform environments. ● Service Mesh ○ Consul provides a distributed service mesh to connect, secure, and configure services across any runtime platform and cloud.
Consul Connect Consul Connect provides service-to-service connection authorization and encryption using mutual Transport Layer Security (TLS). Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections without being aware of Connect at all. Applications may also natively integrate with Connect for optimal performance and security. Connect can help you secure your services and provide data about service-to-service communications. Secure service-to-service traffic with identity-based security policies and encrypted traffic with Mutual-TLS
Single Control Plane for cloud networking ● Automate and control the data plane with central service registry ● Unified support across heterogeneous environment ● Simplified operation with single workflow
Unified Networking Solution for Hybrid/Multi-Cloud
Vault Replication for Military Systems Leverage Vault Replication to allow edge-based warfighting systems to perform secrets management with centralized Vault environments. ▪ Primary: Source of truth located in central ship or land-based command operations center. ▪ Secondaries: Located at mobile C2I centers that can connect directly to edge systems. ▪ Vault Agent: Deployed on edge warfighting systems for local secrets management operations using K/V. Primary Vault Cluster Land or naval command operations centers Vault Performance Secondary Mobile C2I such as E3 or M1113 Vault Agent Edge system that uses Vault K/V
Mesh Networking with Consul Connect Using Consul Connect will allow Vault Agents to route communications to Vault clusters via the Airborne Network ▪ Allows Vault Agent to sync ad hoc with Vault performance secondaries via TTNT, WNW to Airborne Network routers when available ▪ Minimize round trip delay and provide additional options for Vault replication reference architectures TTNT = Tactical Targeting Network Technology WNW = Wideband Network Waveform
Secrets Management in Adverse Conditions When in periods of reliable/semi-reliable connectivity, use Consul + Vault Agent Caching and Templating to reflect the active state of secrets in the primary within files local to the edge system. Vault Agent (/foo/bar, value_1) Secondary Cluster (/foo/bar, value_1) Primary Cluster (/foo/bar, value_1) Reliable/Semi-Reliable Connectivity
Secrets Management in Adverse Conditions When outside the range of connectivity, Vault Agent Caching & Templating retains the last known version of K/V in the linked file that references the secret. This ensures continued access for local applications at the edge while the secondary cluster remains disconnected in the field. Secondary Cluster (/foo/bar, value_1) Primary Cluster (/foo/bar, value_1) Reliable/Semi-Reliable Connectivity Vault Agent (/foo/bar, value_1) ?
Secrets Management in Adverse Conditions When TTL expires and/or operator thinks edge compromised, primary iterates K/V version with new value ▪ Agent is unable to retrieve an update to their K/V pair until they re-enter connectivity with a connected secondary and reauthenticate. ▪ Resilience against compromise of edge system. Compromises isolated at the edge. ▪ Ensures primary/connected secondaries can still reference previous K/V pair via previous versions. Connected Secondary V1: (/foo/bar, value_2), V0: (/foo/bar, value_1) Primary Cluster V1: (/foo/bar, value_2), V0: (/foo/bar, value_1) Reliable/Semi-Reliable Connectivity Disconnected Secondary (/foo/bar, value_1) Vault Agent (/foo/bar, value_1)
Secrets Management in Adverse Conditions When reliable/semi-reliable connectivity re-established, use Vault Agent Templating and Vault Replication to reflect the active state of secrets in the primary within files local to the edge system. Reliable/Semi-Reliable Connectivity Connected Secondary V1: (/foo/bar, value_2) V0: (/foo/bar, value_1) Primary Cluster V1: (/foo/bar, value_2) V0: (/foo/bar, value_1) Vault Agent V1: (/foo/bar, value_2) V0: (/foo/bar, value_1)
Secrets Management for Tactical Systems Vault and Consul: Providing secure edge computing to warfighters Provide secrets management to tactical units for battlefield management and secure communication workflows ▪ Operable in Isolation Operational in the face of long-term losses of connectivity with infrastructure ▪ Resilient Secure against possible physical compromise ▪ Easy to Use Requires little/no development support from warfighter users
Secrets Management for Tactical Systems Providing secure edge computing to warfighters Provide secrets management to tactical units for battlefield management and secure communication workflows Solution: Vault + Consul
www.hashicorp.com hello@hashicorp.co m Thank you
Ad

Recommended

Vault 1.4 integrated storage overview
Vault 1.4 integrated storage overviewVault 1.4 integrated storage overview
Vault 1.4 integrated storage overview
Mitchell Pronschinske
 
Vault 1.5 Overview
Vault 1.5 OverviewVault 1.5 Overview
Vault 1.5 Overview
Mitchell Pronschinske
 
Multi-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul ConnectMulti-Cloud with Nomad and Consul Connect
Multi-Cloud with Nomad and Consul Connect
Mitchell Pronschinske
 
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft AzureModernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Modernizing Application Deployments with HashiCorp Consul on Microsoft Azure
Mitchell Pronschinske
 
Getting Started with Kubernetes and Consul
Getting Started with Kubernetes and ConsulGetting Started with Kubernetes and Consul
Getting Started with Kubernetes and Consul
Mitchell Pronschinske
 
Hashicorp Vault - OPEN Public Sector
Hashicorp Vault - OPEN Public SectorHashicorp Vault - OPEN Public Sector
Hashicorp Vault - OPEN Public Sector
Kangaroot
 
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum ResultsMulti-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
Multi-Cloud Roadmap: Architecting Hybrid Environments for Maximum Results
RightScale
 
Better Together: JWT and Hashi Vault in Modern Apps
Better Together: JWT and Hashi Vault in Modern AppsBetter Together: JWT and Hashi Vault in Modern Apps
Better Together: JWT and Hashi Vault in Modern Apps
Shrivatsa Upadhye
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
Ashnikbiz
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Mitchell Pronschinske
 
F5 Automation Toolchain
F5 Automation ToolchainF5 Automation Toolchain
F5 Automation Toolchain
MarketingArrowECS_CZ
 
Integrating Terraform and Consul
Integrating Terraform and ConsulIntegrating Terraform and Consul
Integrating Terraform and Consul
Mitchell Pronschinske
 
Demystifying Terraform 012
Demystifying Terraform 012Demystifying Terraform 012
Demystifying Terraform 012
Stenio Ferreira
 
Welcome to the Multi-cloud world
Welcome to the Multi-cloud worldWelcome to the Multi-cloud world
Welcome to the Multi-cloud world
Lew Tucker
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Stenio Ferreira
 
Self-Driving Storage and Applications Integration
Self-Driving Storage and Applications IntegrationSelf-Driving Storage and Applications Integration
Self-Driving Storage and Applications Integration
MarketingArrowECS_CZ
 
Preparing for Multi-Cloud
Preparing for Multi-CloudPreparing for Multi-Cloud
Preparing for Multi-Cloud
Konstantin Tjuterev
 
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UKStorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
Maganathin Veeraragaloo
 
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp
 
Microsoft Azure Stack in Tunisia
Microsoft Azure Stack in TunisiaMicrosoft Azure Stack in Tunisia
Microsoft Azure Stack in Tunisia
Aymen Mami
 
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud BoundariesGDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
James Anderson
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185
jtaylor707
 
Hashicorp Corporate and Product Overview
Hashicorp Corporate and Product OverviewHashicorp Corporate and Product Overview
Hashicorp Corporate and Product Overview
Stenio Ferreira
 
Multiple ways of building hybrid clouds on Kubernetes
Multiple ways of building hybrid clouds on KubernetesMultiple ways of building hybrid clouds on Kubernetes
Multiple ways of building hybrid clouds on Kubernetes
Janos Matyas
 
AWS re:Invent 2016 - Scality's Open Source AWS S3 Server
AWS re:Invent 2016 - Scality's Open Source AWS S3 ServerAWS re:Invent 2016 - Scality's Open Source AWS S3 Server
AWS re:Invent 2016 - Scality's Open Source AWS S3 Server
Scality
 
How to protect your IoT data on AWS
How to protect your IoT data on AWSHow to protect your IoT data on AWS
How to protect your IoT data on AWS
Lahav Savir
 
Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2
Stenio Ferreira
 
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
OpenStack Korea Community
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
MarketingArrowECS_CZ
 
Ad

More Related Content

What's hot (20)

Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
Ashnikbiz
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Mitchell Pronschinske
 
F5 Automation Toolchain
F5 Automation ToolchainF5 Automation Toolchain
F5 Automation Toolchain
MarketingArrowECS_CZ
 
Integrating Terraform and Consul
Integrating Terraform and ConsulIntegrating Terraform and Consul
Integrating Terraform and Consul
Mitchell Pronschinske
 
Demystifying Terraform 012
Demystifying Terraform 012Demystifying Terraform 012
Demystifying Terraform 012
Stenio Ferreira
 
Welcome to the Multi-cloud world
Welcome to the Multi-cloud worldWelcome to the Multi-cloud world
Welcome to the Multi-cloud world
Lew Tucker
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Stenio Ferreira
 
Self-Driving Storage and Applications Integration
Self-Driving Storage and Applications IntegrationSelf-Driving Storage and Applications Integration
Self-Driving Storage and Applications Integration
MarketingArrowECS_CZ
 
Preparing for Multi-Cloud
Preparing for Multi-CloudPreparing for Multi-Cloud
Preparing for Multi-Cloud
Konstantin Tjuterev
 
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UKStorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
Maganathin Veeraragaloo
 
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp
 
Microsoft Azure Stack in Tunisia
Microsoft Azure Stack in TunisiaMicrosoft Azure Stack in Tunisia
Microsoft Azure Stack in Tunisia
Aymen Mami
 
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud BoundariesGDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
James Anderson
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185
jtaylor707
 
Hashicorp Corporate and Product Overview
Hashicorp Corporate and Product OverviewHashicorp Corporate and Product Overview
Hashicorp Corporate and Product Overview
Stenio Ferreira
 
Multiple ways of building hybrid clouds on Kubernetes
Multiple ways of building hybrid clouds on KubernetesMultiple ways of building hybrid clouds on Kubernetes
Multiple ways of building hybrid clouds on Kubernetes
Janos Matyas
 
AWS re:Invent 2016 - Scality's Open Source AWS S3 Server
AWS re:Invent 2016 - Scality's Open Source AWS S3 ServerAWS re:Invent 2016 - Scality's Open Source AWS S3 Server
AWS re:Invent 2016 - Scality's Open Source AWS S3 Server
Scality
 
How to protect your IoT data on AWS
How to protect your IoT data on AWSHow to protect your IoT data on AWS
How to protect your IoT data on AWS
Lahav Savir
 
Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2
Stenio Ferreira
 
Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2Securing Your CI Pipeline with HashiCorp Vault - P2
Securing Your CI Pipeline with HashiCorp Vault - P2
Ashnikbiz
 
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh GatewaysConsul 1.6: Layer 7 Traffic Management and Mesh Gateways
Consul 1.6: Layer 7 Traffic Management and Mesh Gateways
Mitchell Pronschinske
 
F5 Automation Toolchain
F5 Automation ToolchainF5 Automation Toolchain
F5 Automation Toolchain
MarketingArrowECS_CZ
 
Integrating Terraform and Consul
Integrating Terraform and ConsulIntegrating Terraform and Consul
Integrating Terraform and Consul
Mitchell Pronschinske
 
Demystifying Terraform 012
Demystifying Terraform 012Demystifying Terraform 012
Demystifying Terraform 012
Stenio Ferreira
 
Welcome to the Multi-cloud world
Welcome to the Multi-cloud worldWelcome to the Multi-cloud world
Welcome to the Multi-cloud world
Lew Tucker
 
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Secure and Convenient Workflows: Integrating HashiCorp Vault with Pivotal Clo...
Stenio Ferreira
 
Self-Driving Storage and Applications Integration
Self-Driving Storage and Applications IntegrationSelf-Driving Storage and Applications Integration
Self-Driving Storage and Applications Integration
MarketingArrowECS_CZ
 
Preparing for Multi-Cloud
Preparing for Multi-CloudPreparing for Multi-Cloud
Preparing for Multi-Cloud
Konstantin Tjuterev
 
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UKStorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS, Storage for Containers Shouldn't Be Annoying at Container Camp UK
StorageOS
 
Multi cloud security architecture
Multi cloud security architecture Multi cloud security architecture
Multi cloud security architecture
Maganathin Veeraragaloo
 
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp 2018 - Thomas Maurer - Azure Stack - Everything you need to know!
ITCamp
 
Microsoft Azure Stack in Tunisia
Microsoft Azure Stack in TunisiaMicrosoft Azure Stack in Tunisia
Microsoft Azure Stack in Tunisia
Aymen Mami
 
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud BoundariesGDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
GDG Cloud Southlake #9 Secure Cloud Networking - Beyond Cloud Boundaries
James Anderson
 
Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185Securing your cloud perimeter with azure network security brk3185
Securing your cloud perimeter with azure network security brk3185
jtaylor707
 
Hashicorp Corporate and Product Overview
Hashicorp Corporate and Product OverviewHashicorp Corporate and Product Overview
Hashicorp Corporate and Product Overview
Stenio Ferreira
 
Multiple ways of building hybrid clouds on Kubernetes
Multiple ways of building hybrid clouds on KubernetesMultiple ways of building hybrid clouds on Kubernetes
Multiple ways of building hybrid clouds on Kubernetes
Janos Matyas
 
AWS re:Invent 2016 - Scality's Open Source AWS S3 Server
AWS re:Invent 2016 - Scality's Open Source AWS S3 ServerAWS re:Invent 2016 - Scality's Open Source AWS S3 Server
AWS re:Invent 2016 - Scality's Open Source AWS S3 Server
Scality
 
How to protect your IoT data on AWS
How to protect your IoT data on AWSHow to protect your IoT data on AWS
How to protect your IoT data on AWS
Lahav Savir
 
Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2Vault Open Source vs Enterprise v2
Vault Open Source vs Enterprise v2
Stenio Ferreira
 

Similar to Military Edge Computing with Vault and Consul (20)

[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
OpenStack Korea Community
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
MarketingArrowECS_CZ
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challenges
Kim Bookout
 
Running IBM MQ in the Cloud
Running IBM MQ in the CloudRunning IBM MQ in the Cloud
Running IBM MQ in the Cloud
Robert Parker
 
Networking and Networking devices - Cloud Computing presentation.pdf
Networking and Networking devices - Cloud Computing presentation.pdfNetworking and Networking devices - Cloud Computing presentation.pdf
Networking and Networking devices - Cloud Computing presentation.pdf
ssuser22b647
 
FlexiCloud: Infinitely Scalable
FlexiCloud: Infinitely ScalableFlexiCloud: Infinitely Scalable
FlexiCloud: Infinitely Scalable
Pallavi Vyas
 
Cloud Computing_Module3-1.pptxnsjsjajajajaja
Cloud Computing_Module3-1.pptxnsjsjajajajajaCloud Computing_Module3-1.pptxnsjsjajajajaja
Cloud Computing_Module3-1.pptxnsjsjajajajaja
Shivang100
 
Intermedia Overview
Intermedia OverviewIntermedia Overview
Intermedia Overview
Clayton Oswald
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building clouds
Andrei Kvapil
 
cloudblanket_nms_ds_revb
cloudblanket_nms_ds_revbcloudblanket_nms_ds_revb
cloudblanket_nms_ds_revb
Ori Guez
 
Easy, Secure, and Fast: Using NATS.io for Streams and Services
Easy, Secure, and Fast: Using NATS.io for Streams and ServicesEasy, Secure, and Fast: Using NATS.io for Streams and Services
Easy, Secure, and Fast: Using NATS.io for Streams and Services
NATS
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptx
Yitao Cen
 
Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)
Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)
Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)
Lviv Startup Club
 
Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud
ADVA
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - SegmentationVMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld
 
JWTS Presentation
JWTS PresentationJWTS Presentation
JWTS Presentation
Tony DeGonia
 
Jimbob's Towing and Wrecker Services Presentation
Jimbob's Towing and Wrecker Services PresentationJimbob's Towing and Wrecker Services Presentation
Jimbob's Towing and Wrecker Services Presentation
Tony DeGonia (LION)
 
XO Enterprise Cloud
XO Enterprise CloudXO Enterprise Cloud
XO Enterprise Cloud
Mari Hansen
 
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
ADVA
 
CLOUD COMPUTING AND STORAGE
CLOUD COMPUTING AND STORAGECLOUD COMPUTING AND STORAGE
CLOUD COMPUTING AND STORAGE
Shalini Toluchuri
 
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
[OpenStack Days Korea 2016] Track2 - 가상화 네트워크와 클라우드간 협업
OpenStack Korea Community
 
Hybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerůHybridní cloud s F5 v prostředí kontejnerů
Hybridní cloud s F5 v prostředí kontejnerů
MarketingArrowECS_CZ
 
Hyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challengesHyper Secure Converged Infrastructure solves architectural challenges
Hyper Secure Converged Infrastructure solves architectural challenges
Kim Bookout
 
Running IBM MQ in the Cloud
Running IBM MQ in the CloudRunning IBM MQ in the Cloud
Running IBM MQ in the Cloud
Robert Parker
 
Networking and Networking devices - Cloud Computing presentation.pdf
Networking and Networking devices - Cloud Computing presentation.pdfNetworking and Networking devices - Cloud Computing presentation.pdf
Networking and Networking devices - Cloud Computing presentation.pdf
ssuser22b647
 
FlexiCloud: Infinitely Scalable
FlexiCloud: Infinitely ScalableFlexiCloud: Infinitely Scalable
FlexiCloud: Infinitely Scalable
Pallavi Vyas
 
Cloud Computing_Module3-1.pptxnsjsjajajajaja
Cloud Computing_Module3-1.pptxnsjsjajajajajaCloud Computing_Module3-1.pptxnsjsjajajajaja
Cloud Computing_Module3-1.pptxnsjsjajajajaja
Shivang100
 
Intermedia Overview
Intermedia OverviewIntermedia Overview
Intermedia Overview
Clayton Oswald
 
Cozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building cloudsCozystack: Free PaaS platform and framework for building clouds
Cozystack: Free PaaS platform and framework for building clouds
Andrei Kvapil
 
cloudblanket_nms_ds_revb
cloudblanket_nms_ds_revbcloudblanket_nms_ds_revb
cloudblanket_nms_ds_revb
Ori Guez
 
Easy, Secure, and Fast: Using NATS.io for Streams and Services
Easy, Secure, and Fast: Using NATS.io for Streams and ServicesEasy, Secure, and Fast: Using NATS.io for Streams and Services
Easy, Secure, and Fast: Using NATS.io for Streams and Services
NATS
 
Secure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptxSecure AWS with Fortinet Security Fabric.pptx
Secure AWS with Fortinet Security Fabric.pptx
Yitao Cen
 
Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)
Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)
Mykhailo Hryhorash: Архітектура IT-рішень (Частина 2) (UA)
Lviv Startup Club
 
Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud Introducing ConnectGuard™ Cloud
Introducing ConnectGuard™ Cloud
ADVA
 
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - SegmentationVMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld 2013: NSX PCI Reference Architecture Workshop Session 1 - Segmentation
VMworld
 
JWTS Presentation
JWTS PresentationJWTS Presentation
JWTS Presentation
Tony DeGonia
 
Jimbob's Towing and Wrecker Services Presentation
Jimbob's Towing and Wrecker Services PresentationJimbob's Towing and Wrecker Services Presentation
Jimbob's Towing and Wrecker Services Presentation
Tony DeGonia (LION)
 
XO Enterprise Cloud
XO Enterprise CloudXO Enterprise Cloud
XO Enterprise Cloud
Mari Hansen
 
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
Deliver the ultimate network edge protection with the ADVA FSP 150-XG118Pro (...
ADVA
 
CLOUD COMPUTING AND STORAGE
CLOUD COMPUTING AND STORAGECLOUD COMPUTING AND STORAGE
CLOUD COMPUTING AND STORAGE
Shalini Toluchuri
 
Ad

More from Mitchell Pronschinske (20)

Code quality for Terraform
Code quality for TerraformCode quality for Terraform
Code quality for Terraform
Mitchell Pronschinske
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Mitchell Pronschinske
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Mitchell Pronschinske
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorp
Mitchell Pronschinske
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corp
Mitchell Pronschinske
 
Using new sentinel features in terraform cloud
Using new sentinel features in terraform cloudUsing new sentinel features in terraform cloud
Using new sentinel features in terraform cloud
Mitchell Pronschinske
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub Actions
Mitchell Pronschinske
 
Unlocking the Cloud Operating Model
Unlocking the Cloud Operating ModelUnlocking the Cloud Operating Model
Unlocking the Cloud Operating Model
Mitchell Pronschinske
 
Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)
Mitchell Pronschinske
 
Governance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterGovernance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad Cluster
Mitchell Pronschinske
 
Unlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentUnlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: Deployment
Mitchell Pronschinske
 
Keeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultKeeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp Vault
Mitchell Pronschinske
 
Modern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadModern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with Nomad
Mitchell Pronschinske
 
Moving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMoving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on Azure
Mitchell Pronschinske
 
Remote Culture at HashiCorp
Remote Culture at HashiCorpRemote Culture at HashiCorp
Remote Culture at HashiCorp
Mitchell Pronschinske
 
Rapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsRapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid Environments
Mitchell Pronschinske
 
Vault 1.4 launch webinar
Vault 1.4 launch webinar Vault 1.4 launch webinar
Vault 1.4 launch webinar
Mitchell Pronschinske
 
Understanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulUnderstanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp Consul
Mitchell Pronschinske
 
From Terraform OSS to Enterprise
From Terraform OSS to EnterpriseFrom Terraform OSS to Enterprise
From Terraform OSS to Enterprise
Mitchell Pronschinske
 
Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2
Mitchell Pronschinske
 
Code quality for Terraform
Code quality for TerraformCode quality for Terraform
Code quality for Terraform
Mitchell Pronschinske
 
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD PipelinesDynamic Azure Credentials for Applications and CI/CD Pipelines
Dynamic Azure Credentials for Applications and CI/CD Pipelines
Mitchell Pronschinske
 
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on AzureMigrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Migrating from VMs to Kubernetes using HashiCorp Consul Service on Azure
Mitchell Pronschinske
 
Empowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorpEmpowering developers and operators through Gitlab and HashiCorp
Empowering developers and operators through Gitlab and HashiCorp
Mitchell Pronschinske
 
Automate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corpAutomate and simplify multi cloud complexity with f5 and hashi corp
Automate and simplify multi cloud complexity with f5 and hashi corp
Mitchell Pronschinske
 
Using new sentinel features in terraform cloud
Using new sentinel features in terraform cloudUsing new sentinel features in terraform cloud
Using new sentinel features in terraform cloud
Mitchell Pronschinske
 
Unlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub ActionsUnlocking the Cloud operating model with GitHub Actions
Unlocking the Cloud operating model with GitHub Actions
Mitchell Pronschinske
 
Unlocking the Cloud Operating Model
Unlocking the Cloud Operating ModelUnlocking the Cloud Operating Model
Unlocking the Cloud Operating Model
Mitchell Pronschinske
 
Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)Cisco ACI with HashiCorp Terraform (APAC)
Cisco ACI with HashiCorp Terraform (APAC)
Mitchell Pronschinske
 
Governance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad ClusterGovernance for Multiple Teams Sharing a Nomad Cluster
Governance for Multiple Teams Sharing a Nomad Cluster
Mitchell Pronschinske
 
Unlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: DeploymentUnlocking the Cloud Operating Model: Deployment
Unlocking the Cloud Operating Model: Deployment
Mitchell Pronschinske
 
Keeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp VaultKeeping a Secret with HashiCorp Vault
Keeping a Secret with HashiCorp Vault
Mitchell Pronschinske
 
Modern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with NomadModern Scheduling for Modern Applications with Nomad
Modern Scheduling for Modern Applications with Nomad
Mitchell Pronschinske
 
Moving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on AzureMoving to a Microservice World: Leveraging Consul on Azure
Moving to a Microservice World: Leveraging Consul on Azure
Mitchell Pronschinske
 
Remote Culture at HashiCorp
Remote Culture at HashiCorpRemote Culture at HashiCorp
Remote Culture at HashiCorp
Mitchell Pronschinske
 
Rapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid EnvironmentsRapid Infrastructure in Hybrid Environments
Rapid Infrastructure in Hybrid Environments
Mitchell Pronschinske
 
Vault 1.4 launch webinar
Vault 1.4 launch webinar Vault 1.4 launch webinar
Vault 1.4 launch webinar
Mitchell Pronschinske
 
Understanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp ConsulUnderstanding Service Mesh on Azure with HashiCorp Consul
Understanding Service Mesh on Azure with HashiCorp Consul
Mitchell Pronschinske
 
From Terraform OSS to Enterprise
From Terraform OSS to EnterpriseFrom Terraform OSS to Enterprise
From Terraform OSS to Enterprise
Mitchell Pronschinske
 
Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2Intermediate HCL: Configuration Languages in HCL2
Intermediate HCL: Configuration Languages in HCL2
Mitchell Pronschinske
 
Ad

Recently uploaded (20)

Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AIScaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
danshalev
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 
Download Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With LatestDownload Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With Latest
tahirabibi60507
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)
sh607827
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
Andre Hora
 
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Ranjan Baisak
 
F-Secure Freedome VPN 2025 Crack Plus Activation New Version
F-Secure Freedome VPN 2025 Crack Plus Activation New VersionF-Secure Freedome VPN 2025 Crack Plus Activation New Version
F-Secure Freedome VPN 2025 Crack Plus Activation New Version
saimabibi60507
 
Revolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptxRevolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptx
nidhisingh691197
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]
saniaaftab72555
 
Douwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License codeDouwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License code
aneelaramzan63
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 
Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
How to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud PerformanceHow to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud Performance
ThousandEyes
 
Exploring Wayland: A Modern Display Server for the Future
Exploring Wayland: A Modern Display Server for the FutureExploring Wayland: A Modern Display Server for the Future
Exploring Wayland: A Modern Display Server for the Future
ICS
 
PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025
mu394968
 
Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)
Allon Mureinik
 
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AIScaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
Scaling GraphRAG: Efficient Knowledge Retrieval for Enterprise AI
danshalev
 
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
How to Batch Export Lotus Notes NSF Emails to Outlook PST Easily?
steaveroggers
 
Download Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With LatestDownload Wondershare Filmora Crack [2025] With Latest
Download Wondershare Filmora Crack [2025] With Latest
tahirabibi60507
 
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage DashboardsAdobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
Adobe Marketo Engage Champion Deep Dive - SFDC CRM Synch V2 & Usage Dashboards
BradBedford3
 
WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)WinRAR Crack for Windows (100% Working 2025)
WinRAR Crack for Windows (100% Working 2025)
sh607827
 
Societal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainabilitySocietal challenges of AI: biases, multilinguism and sustainability
Societal challenges of AI: biases, multilinguism and sustainability
Jordi Cabot
 
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
TestMigrationsInPy: A Dataset of Test Migrations from Unittest to Pytest (MSR...
Andre Hora
 
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Proactive Vulnerability Detection in Source Code Using Graph Neural Networks:...
Ranjan Baisak
 
F-Secure Freedome VPN 2025 Crack Plus Activation New Version
F-Secure Freedome VPN 2025 Crack Plus Activation New VersionF-Secure Freedome VPN 2025 Crack Plus Activation New Version
F-Secure Freedome VPN 2025 Crack Plus Activation New Version
saimabibi60507
 
Revolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptxRevolutionizing Residential Wi-Fi PPT.pptx
Revolutionizing Residential Wi-Fi PPT.pptx
nidhisingh691197
 
Kubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptxKubernetes_101_Zero_to_Platform_Engineer.pptx
Kubernetes_101_Zero_to_Platform_Engineer.pptx
CloudScouts
 
Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]Get & Download Wondershare Filmora Crack Latest [2025]
Get & Download Wondershare Filmora Crack Latest [2025]
saniaaftab72555
 
Douwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License codeDouwan Crack 2025 new verson+ License code
Douwan Crack 2025 new verson+ License code
aneelaramzan63
 
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Requirements in Engineering AI- Enabled Systems: Open Problems and Safe AI Sy...
Lionel Briand
 
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdfMicrosoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
Microsoft AI Nonprofit Use Cases and Live Demo_2025.04.30.pdf
TechSoup
 
Top 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docxTop 10 Client Portal Software Solutions for 2025.docx
Top 10 Client Portal Software Solutions for 2025.docx
Portli
 
How to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud PerformanceHow to Optimize Your AWS Environment for Improved Cloud Performance
How to Optimize Your AWS Environment for Improved Cloud Performance
ThousandEyes
 
Exploring Wayland: A Modern Display Server for the Future
Exploring Wayland: A Modern Display Server for the FutureExploring Wayland: A Modern Display Server for the Future
Exploring Wayland: A Modern Display Server for the Future
ICS
 
PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025PDF Reader Pro Crack Latest Version FREE Download 2025
PDF Reader Pro Crack Latest Version FREE Download 2025
mu394968
 
Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)Who Watches the Watchmen (SciFiDevCon 2025)
Who Watches the Watchmen (SciFiDevCon 2025)
Allon Mureinik
 

Military Edge Computing with Vault and Consul

  • 1. Copyright © 2019 HashiCorp Securing The Edge: Military Computing Systems Timothy J. Olson - SE, Public Sector
  • 2. Secrets Management for Tactical Systems Providing secure edge computing to warfighters Provide secrets management to tactical units for battlefield management and secure communication workflows ▪ Operable in Isolation Operational in the face of long-term losses of connectivity with infrastructure ▪ Resilient Secure against possible physical compromise ▪ Easy to Use Requires little/no development support from warfighter users
  • 3. Solution: Vault + Consul Leverage Vault and Consul to provide highly available, resilient, and secure access to tactical computing systems at the edge ▪ Centrally manage and distribute K/V secrets to warfighters using Vault Agent Caching and Templating ▪ Replicate secrets and perform distributed consensus via Vault Replication ▪ Leverage Consul to perform service discovery and networking of Vault across tactical IP networks
  • 4. Evolving application workload delivery Challenge How to deliver Enterprise to Edge applications securely and consistently? Solution Embracing a new operating model for dynamic cloud architectures: a cloud operating model. PHYSICAL VMs CONTAINERS SERVICES APP SERVER CLOUD NATIVE SERVERLESS EDGE DEVICES Run Development Connect Networking Secure Security Provision Operations Dedicated Infrastructure Scheduled across the fleet Host-based Static IP Service-based Dynamic IP High trust IP-based Low trust Identity-based Dedicated servers Homogeneous Capacity on-demand Heterogeneous STATIC/FIXED DYNAMIC
  • 5. Evolving application workload delivery vSphere Hardware IP: Hardware vCenter vSphere Various Hardware Identity: AD/LDAP Terraform EKS / ECS Lambda CloudApp/ AppMesh Identity: AWS IAM Cloud Formation AKS / ACS Azure Functions Proprietary Identity: Azure AD Resource Manager GKE Cloud Functions Proprietary Identity: GCP IAM Cloud Dep. Manager Challenge How to deliver Enterprise to Edge applications securely and consistently? PHYSICAL VMs CONTAINERS SERVICES APP SERVER CLOUD NATIVE SERVERLESS EDGE DEVICES Solution Proprietary solutions reduce flexibility and creates complexity across vendors Run Development Connect Networking Secure Security Provision Operations DEDICATED HYBRID/MULTI CLOUD EDGEENTERPRISE
  • 6. Evolving application workload delivery Networking Security Infrastructure Orchestration Challenge How to deliver Enterprise to Edge applications securely and consistently? Solution Establish central shared service platforms with a single control plane, and consistent workflows. PHYSICAL VMs CONTAINERS SERVICES APP SERVER CLOUD NATIVE SERVERLESS EDGE DEVICES EDGEENTERPRISE
  • 7. A Common Operating Model with the HashiCorp Suite Provision Operations Secure Security Connect Networking Run Development Private Cloud AWS Azure GCP
  • 8. Cloud Operating Model Shared Services Multi Cloud Infrastructure Automation — Infrastructure as code Compliance & management Self service infrastructure Provision / Operations Multi Cloud Security Automation — Identity-based security Secrets management Encryption as a service Advanced data protection Secure / Security Multi Cloud Networking Automation — Common service registry Service registry and discovery Network middleware automation Service mesh Connect / Networking Multi Cloud Application Automation — Workload orchestration Container orchestration Heterogeneous orchestration Run / Development
  • 9. Vault: Security Automation Provides the foundation for cloud security that uses trusted sources of identity to keep secrets and application data secure in the cloud operating model Secrets management to centrally store and protect secrets across clouds and applications Data encryption to keep application data secure across environments and workloads Advanced Data Protection to secure workloads and data across traditional systems, clouds, and infrastructure.
  • 10. Vault: Hybrid / Multi-Cloud Security Secure Multi Cloud Security ● Hybrid / Multi Cloud Secrets Management ○ Enables teams to securely store and tightly control access to tokens, passwords, certificates, and encryption keys for protecting machines and application ● EaaS: Encryption as a Service
  • 11. Single Control Plane for cloud security ● Automate, control, and secure infrastructure and applications through one API ● Unified support across heterogeneous environments ● Integrate with providers and technologies you’re already using
  • 12. © 2018 HashiCorp Vault Agent VAULT APPROACH TO DYNAMIC INFRASTRUCTURE 12 Vault Agent is a client daemon that provides the following features: ● Auto-Auth - Automatically authenticate to Vault and manage the token renewal process for locally-retrieved dynamic secrets. ● Caching - Allows client-side caching of responses containing newly created tokens and responses containing leased secrets generated off of these newly created tokens. ● Templating - Allows rendering of user supplied templates by Vault Agent, using the token generated by the Auto-Auth step.
  • 13. © 2018 HashiCorp Vault Agent Caching VAULT APPROACH TO DYNAMIC INFRASTRUCTURE 13 Vault Agent Caching can cache the tokens and leased secrets proxied through the agent which includes the auto-auth token. This allows for easier access to Vault secrets for edge applications, reduces the I/O burden for basic secrets access for Vault clusters, and allows for secure local access to leased secrets for the life of a valid token
  • 14. © 2018 HashiCorp Vault Agent Templates VAULT APPROACH TO DYNAMIC INFRASTRUCTURE 14 Vault Agent Templates allows Vault secrets to be rendered to files using the Consul Template markup language. This significantly simplifies the workflow when you are integrating your applications with Vault.
  • 15. Consul Provides a foundation of cloud network automation using a shared registry for service based networking 50k+ Used at scale with 50k+ agents 1M+ Monthly D/Ls Service registry & health monitoring to provide a real-time directory of all services with their health status Network middleware automation with service discovery for dynamic reconfiguration as services scale up, down or move Zero trust network with service mesh to secure service-to-service traffic with identity-based security policies and encrypted traffic with Mutual-TLS
  • 16. The Shift from Static to Dynamic Networking ● Modular services with dynamic IPs, running on bare metals, VMs, containers... ● 85% of volume from complex east-west traffic* ● No clear network perimeters
  • 17. Consul: Hybrid / Multi-Cloud Service Networking (MESH) Connect Hybrid/Multi Cloud Service Networking ● Consul provides a hybrid/multi-cloud service networking layer to connect and secure services ● Service Registry & Discovery ○ Common service registry ○ Integrated health checks ○ DNS and API interfaces to enable any service to discover and be discovered by other services. ● Consistent registry and discovery of services across multi-data center, cloud, and platform environments. ● Service Mesh ○ Consul provides a distributed service mesh to connect, secure, and configure services across any runtime platform and cloud.
  • 18. Consul Connect Consul Connect provides service-to-service connection authorization and encryption using mutual Transport Layer Security (TLS). Applications can use sidecar proxies in a service mesh configuration to establish TLS connections for inbound and outbound connections without being aware of Connect at all. Applications may also natively integrate with Connect for optimal performance and security. Connect can help you secure your services and provide data about service-to-service communications. Secure service-to-service traffic with identity-based security policies and encrypted traffic with Mutual-TLS
  • 19. Single Control Plane for cloud networking ● Automate and control the data plane with central service registry ● Unified support across heterogeneous environment ● Simplified operation with single workflow
  • 20. Unified Networking Solution for Hybrid/Multi-Cloud
  • 21. Vault Replication for Military Systems Leverage Vault Replication to allow edge-based warfighting systems to perform secrets management with centralized Vault environments. ▪ Primary: Source of truth located in central ship or land-based command operations center. ▪ Secondaries: Located at mobile C2I centers that can connect directly to edge systems. ▪ Vault Agent: Deployed on edge warfighting systems for local secrets management operations using K/V. Primary Vault Cluster Land or naval command operations centers Vault Performance Secondary Mobile C2I such as E3 or M1113 Vault Agent Edge system that uses Vault K/V
  • 22. Mesh Networking with Consul Connect Using Consul Connect will allow Vault Agents to route communications to Vault clusters via the Airborne Network ▪ Allows Vault Agent to sync ad hoc with Vault performance secondaries via TTNT, WNW to Airborne Network routers when available ▪ Minimize round trip delay and provide additional options for Vault replication reference architectures TTNT = Tactical Targeting Network Technology WNW = Wideband Network Waveform
  • 23. Secrets Management in Adverse Conditions When in periods of reliable/semi-reliable connectivity, use Consul + Vault Agent Caching and Templating to reflect the active state of secrets in the primary within files local to the edge system. Vault Agent (/foo/bar, value_1) Secondary Cluster (/foo/bar, value_1) Primary Cluster (/foo/bar, value_1) Reliable/Semi-Reliable Connectivity
  • 24. Secrets Management in Adverse Conditions When outside the range of connectivity, Vault Agent Caching & Templating retains the last known version of K/V in the linked file that references the secret. This ensures continued access for local applications at the edge while the secondary cluster remains disconnected in the field. Secondary Cluster (/foo/bar, value_1) Primary Cluster (/foo/bar, value_1) Reliable/Semi-Reliable Connectivity Vault Agent (/foo/bar, value_1) ?
  • 25. Secrets Management in Adverse Conditions When TTL expires and/or operator thinks edge compromised, primary iterates K/V version with new value ▪ Agent is unable to retrieve an update to their K/V pair until they re-enter connectivity with a connected secondary and reauthenticate. ▪ Resilience against compromise of edge system. Compromises isolated at the edge. ▪ Ensures primary/connected secondaries can still reference previous K/V pair via previous versions. Connected Secondary V1: (/foo/bar, value_2), V0: (/foo/bar, value_1) Primary Cluster V1: (/foo/bar, value_2), V0: (/foo/bar, value_1) Reliable/Semi-Reliable Connectivity Disconnected Secondary (/foo/bar, value_1) Vault Agent (/foo/bar, value_1)
  • 26. Secrets Management in Adverse Conditions When reliable/semi-reliable connectivity re-established, use Vault Agent Templating and Vault Replication to reflect the active state of secrets in the primary within files local to the edge system. Reliable/Semi-Reliable Connectivity Connected Secondary V1: (/foo/bar, value_2) V0: (/foo/bar, value_1) Primary Cluster V1: (/foo/bar, value_2) V0: (/foo/bar, value_1) Vault Agent V1: (/foo/bar, value_2) V0: (/foo/bar, value_1)
  • 27. Secrets Management for Tactical Systems Vault and Consul: Providing secure edge computing to warfighters Provide secrets management to tactical units for battlefield management and secure communication workflows ▪ Operable in Isolation Operational in the face of long-term losses of connectivity with infrastructure ▪ Resilient Secure against possible physical compromise ▪ Easy to Use Requires little/no development support from warfighter users
  • 28. Secrets Management for Tactical Systems Providing secure edge computing to warfighters Provide secrets management to tactical units for battlefield management and secure communication workflows Solution: Vault + Consul