website: remove sergmentation from sidebar
we'll move east-west to a "use case" section, didnt' feel right in the reference docs.
This commit is contained in:
parent
ce984e57d2
commit
1e980076b0
|
@ -64,25 +64,3 @@ APIs are all made to the local Consul agent over a loopback interface, and all
|
|||
local caching, background updating, and support blocking queries. As a result,
|
||||
most API calls operate on purely local in-memory data and can respond
|
||||
in microseconds.
|
||||
|
||||
## Eliminating East-West Firewalls
|
||||
|
||||
East-west firewalls are the typical tool for network security in a static world.
|
||||
East-west is the transfer of data from server to server within a datacenter,
|
||||
versus North-south traffic which describes end user to server communications.
|
||||
|
||||
These firewalls wrap services with ingress/egress policies. This perimeter-based
|
||||
approach is difficult to scale in a dynamic world with dozens or hundreds of
|
||||
services or where machines may be frequently created or destroyed. Firewalls
|
||||
create a sprawl of rules for each service instance that quickly becomes
|
||||
overly difficult to maintain.
|
||||
|
||||
Service security in a dynamic world is best solved through service-to-service
|
||||
authentication and authorization. Instead of IP-based network security,
|
||||
services can be deployed to low-trust networks and rely on service-identity
|
||||
based security over in-transit data encryption.
|
||||
|
||||
Connect enables service segmentation by securing service-to-service
|
||||
communications through mutual TLS and transparent proxying on zero-trust
|
||||
networks. This allows direct service communication without relying on firewalls
|
||||
for east-west traffic security.
|
||||
|
|
|
@ -249,7 +249,7 @@
|
|||
</li>
|
||||
|
||||
<li<%= sidebar_current("docs-connect") %>>
|
||||
<a href="/docs/connect/index.html">Connect (Service Segmentation)</a>
|
||||
<a href="/docs/connect/index.html">Connect</a>
|
||||
<ul class="nav">
|
||||
<li<%= sidebar_current("docs-connect-config") %>>
|
||||
<a href="/docs/connect/configuration.html">Configuration</a>
|
||||
|
|
Loading…
Reference in a new issue