Zero Trust Network

The AppViewX architecture is designed around the zero trust network model. Zero trust refers to a set of security concepts and a threat model that no longer assume that actors, systems or services operating inside the security perimeter should be trusted automatically. Instead, anything and everything trying to connect to the system must be verified before access is granted.

We use Calico as the CNI for Kubernetes networking, and the zero trust network model is enforced using Calico's network policy. By default, network policy is applied across all AppViewX components. The policies are configured to allow traffic only from the intended source; the rest is rejected.

The following diagram depicts the traffic flow between the components:

Figure 2 Zero trust network model

The table depicts the ingress network policy that has been configured between components to achieve zero trust.
  • Green - Ingress traffic (Incoming) to the component allowed
  • Red - Ingress traffic (Incoming) to the component denied
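
As an added illustration (not AppViewX's own configuration), one green cell of such a table could be expressed as a pair of Calico policies: a namespace-wide ingress baseline with no allow rules, plus an allow rule for a single source component. The namespace, labels, policy names and port are hypothetical placeholders.

```yaml
# Added example; namespace, labels, names and port are hypothetical.
# 1) Baseline: select every pod in the namespace and define no ingress
#    rules, so ingress that no other policy allows is denied.
apiVersion: projectcalico.org/v3
kind: NetworkPolicy
metadata:
  name: default-deny-ingress
  namespace: example-ns
spec:
  selector: all()
  types:
    - Ingress
---
# 2) Allow-list for one component: only pods labelled
#    app == 'component-a' (in the same namespace) may reach pods
#    labelled app == 'component-b', and only on TCP 8443.
apiVersion: projectcalico.org/v3
kind: NetworkPolicy
metadata:
  name: allow-component-a-to-component-b
  namespace: example-ns
spec:
  selector: app == 'component-b'
  types:
    - Ingress
  ingress:
    - action: Allow
      protocol: TCP
      source:
        selector: app == 'component-a'
      destination:
        ports:
          - 8443
```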