Play
Subscribe for updates
Featured
04. Troubleshooting DNS “SERVFAIL” errors
Calico Policy Introduction
Search episodes
Calico Policy Introduction
Example 01 - Denylist Policy
Example 02 - Namespace Isolation
Example 03 - Workload Isolation
Summary
A Hierarchical Policy Model for Microsegmentation in Kubernetes
Why Implement Microsegmentation
Challenges Implementing Microsegmentation
A Hierarchical Policy Model for Microsegmentation in Kubernetes - Part 1
A Hierarchical Policy Model for Microsegmentation in Kubernetes - Part 2
Building a Policy Model
Deploying the Demo Applications
Implementing the Tiers
Policy Example 1 - Cluster-wide Policy
Policy Example 2 - Tenant-isolation Policy
Policy Example 3 - Platform Policy
Policy Example 4 - Namespace-isolation Policy
Policy Example 5 - Workload-isolation Policy
Policy Example 6 - Deny Policy
Learning Track Summary
Policy Management using the Policy Board
Identify Endpoints Scoped in a Policy
Identify Policies Denying Flows
Using Policy Metrics
Identify Flows Matching Policies and Endpoints
Download Policies from the Policy Board
Creating Policies in the Policy Board
Audit Policies
Identify Policies Applied to an Endpoint
Using the Policy Recommender
Working with Tiers in the Policy Board
Service Graph and Flow Visualization Video Series
Service Graph Overview
Service Graph - Navigating Through Namespaces
Service Graph - Alerts
Service Graph - Identify Policies Denying Traffic
Service Graph - Creating Custom Views
Service Graph - Packet Capture
Flow Log Observability and Troubleshooting Series
Flow Log Dashboard Introduction
Example 01 - Identify “deny” flows
Example 02 - Inbound and Outbound bytes
Example 03 - Identify flows with “bytes_in : 0”
Example 04 - Identify Flows to and from Specific Process with eBPF Probes
Example 05 - Identify Traffic to Specific Service Ports
Example 06 - Identify Traffic to Specific FQDNs
Example 07 - Identify Traffic to Specific Destination IPs
Example 08 - Identify Flows Denied by a Policy
Example 09 - Identify All Egress Connections from a Workload
Example 10 - Filter based on IP Range
DNS Observability and Troubleshooting Series
01. Introduction to DNS Observability Challenges
02. Calico DNS Observability
03. Troubleshooting DNS traffic deny
04. Troubleshooting DNS “SERVFAIL” errors
05. Troubleshooting DNS "NXDOMAIN" errors
06. Troubleshooting Missing DNS Resource Records
TCP Performance Monitoring and Troubleshooting
TCP Performance Dashboard
Troubleshooting Node Specific TCP Performance Issues
Troubleshooting Pod Specific TCP Performance Issues
TCP Performance Troubleshooting for Churned Nodes and Pods
Troubleshoot - Random flow denies
Defending Against the Threat Matrix for Kubernetes
Restricting Access to the Instance Metadata Service (IMDS)
Mitigate Application Exploits with Web Application Firewall (WAF)
Restricting Access to the Kubernetes API
Application Layer Policies
Application Layer Policies with Azure Self-Hosted Gateway
Web Application Firewall
Enable & Leverage Calico WAF
Investigate WAF events and enable WAF blocking mode
Enable WAF in the Calico UI
Image Assurance
IA Registry Scanning
Image Assurance - CLI Scanner
Runtime Security
Enable Runtime Security with Calico Container Threat Detection
Trace & Block Flows to Suspicious Destinations with Calico ThreatFeeds
Quarantine compromised pods
Enhance Vulnerability Management with Calico Security Dashboards
Calico Cloud User Access Management
Calico Cloud Role-based Access Control (RBAC) Introduction
The Owner User Role
The Amin User Role
The Viewer User Role
The DevOps User Role
The Security User Role
The UsageMetrics User Role
The ImageAssuranceAdmin User Role
Creating and Assigning Custom Roles
Exporting Custom Roles
Day2 Operations
Generating & Forwarding Denied Traffic Alerts
Miscellaneous
Kibana - How to retrieving a list of namespaces
AKS-Calico-CNI
Tigera Customer Success Channel
