Kubernetes for Unclassified Information Systems





Toledo Systems has built cloud native infrastructure for distributed web services on Google’s open source virtualization system, Kubernetes. This modern cloud will not only provide high availability for both our internal and external web services; it will also be a zero trust information system with deep monitoring metrics, throttling the eBPF kernel's instruction set for networking. Our automated proprietary installation, PKI and network policy will allow us to respond quickly to threats and to adapt or heal our infrastructure if an intrusion is detected.

Only empire vehicle clients will be serviced by the deathstar microservice

A legacy firewall is configured at layers 3/4 of the OSI stack: this or that port or IP may be blocked or allowed. On a microservices framework such as Kubernetes, however, this can be extended to L7, the application layer. Actions may be limited on a specific microservice (e.g., allowing PUT but not POST) and restricted to a whitelist of clients. With Cilium, our internal clusters will have restrictive firewall policies operating on both L3/4 and L7.
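
The difference between the two layers, as an added example (not Toledo Systems' own policy): two alternative Cilium policies for the deathstar service from the caption above. The labels `org: empire` and `class: deathstar`, port 80 and the path `/v1/exhaust-port` are assumptions chosen for illustration.

```yaml
# Alternative 1: L3/4 only. Any pod labelled org=empire may reach
# deathstar on TCP/80, and every HTTP method and path is allowed through.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: deathstar-l3-l4          # hypothetical name
spec:
  endpointSelector:
    matchLabels:
      org: empire                # assumed labels on the deathstar pods
      class: deathstar
  ingress:
    - fromEndpoints:
        - matchLabels:
            org: empire          # the client whitelist: empire pods only
      toPorts:
        - ports:
            - port: "80"
              protocol: TCP
---
# Alternative 2: the same L3/4 whitelist plus an L7 rule. Only PUT to the
# listed path is forwarded; POST (or any other method or path) from an
# otherwise allowed client is rejected by the proxy with HTTP 403.
apiVersion: cilium.io/v2
kind: CiliumNetworkPolicy
metadata:
  name: deathstar-l7             # hypothetical name
spec:
  endpointSelector:
    matchLabels:
      org: empire
      class: deathstar
  ingress:
    - fromEndpoints:
        - matchLabels:
            org: empire
      toPorts:
        - ports:
            - port: "80"
              protocol: TCP
          rules:
            http:
              - method: "PUT"            # POST is not listed, so it is denied
                path: "/v1/exhaust-port" # assumed path; matched as a regex
```

Apply only one of the two: Cilium allow rules are additive, so leaving the L3/4-only policy in place next to the L7 one would not give the restriction the second policy describes. Once a policy selects the deathstar pods, their ingress becomes default-deny, so clients without the `org: empire` label are dropped at L3/4 before any HTTP rule is evaluated.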