Home / Companies / Kong / Blog / Post Details
Content Deep Dive

Kong Mesh 2.14: Zone Proxy Policies, Security Defaults

Blog post from Kong

Post Details
Company
Date Published
Author
Justin Davies
Word Count
2,418
Company Posts That Month
13
Language
English
Hacker News Points
-
Summary

Kong Mesh 2.14 introduces significant enhancements for multi-zone customers, focusing on improved security, observability, and policy control. Built on the open-source Kuma service mesh, Kong Mesh simplifies operations for platform teams by providing robust features like zero-trust security and multi-zone support across various environments, including cloud providers, Kubernetes clusters, and traditional servers. This release enhances the mesh-scoped zone proxy deployment model, allowing for precise policy enforcement and traffic control using SNI-based matching, which offers granular management of cross-zone and external-service traffic. Observability is bolstered through integration with OpenTelemetry and updated Grafana dashboards, streamlining metrics and tracing into a cohesive pipeline. Security is reinforced by defaulting to Unix domain sockets for Envoy admin API communication and restricting localhost access, aligning with a zero-trust approach. Additionally, the update introduces Kubernetes native sidecars for improved lifecycle management and offline signing tokens for secure, reliable token generation in disconnected environments. These improvements collectively aim to provide a more secure, efficient, and adaptable service mesh solution for enterprises managing complex, multi-zone topologies.

Trends Found in this Post
Trend Post Mentions Total Month Mentions Posts Companies MoM
OpenTelemetry 12 701 153 53 -26%
Kubernetes 11 1,993 294 100 +1%
Observability 11 3,430 674 183 +0%
Secrets Management 5 2,063 322 117 -4%
Zero Trust 2 112 47 30 -26%
Real-time 1 5,457 1,338 238 -5%