Tetrate has announced the general availability of Tetrate Service Bridge (TSB), Golden Gate version.
This latest release combines API Gateway, web application firewall (WAF), and service mesh capabilities into a single management plane, delivering a unified cloud-agnostic application connectivity platform.
By unifying these features, TSB brings centralized governance and decentralized enforcement to application networking, which is essential for implementing zero-trust security on legacy and modern workloads.
TSB’s Envoy-based application networking layer eliminates the distinction between north-south and east-west traffic: it’s just application traffic. Developers can now apply features traditionally only available in an API Gateway to any part of their application topology, from edge to workload. The Golden Gate TSB release includes API Gateway and a full set of out-of-the-box API governance features.
“As enterprises evolve their cloud-native application environments, robust application connectivity and networking becomes both extremely valuable and increasingly complex,” said Brad Casemore, vice president of research. , data center and multicloud networking at IDC. “Quite paradoxically, application networking is most valuable when it’s invisible – simple to provision and operate, and unobtrusive, yet elastically scalable and secure in highly distributed environments, without getting in the way of developers and their applications. With the latest release of Tetrate Service Bridge, Tetrate addresses this need by bringing greater simplicity to centralized control of edge connectivity to workloads spanning multiple clusters, clouds, and compute resources.
Gaining access and knowing how to configure application-specific network and security policies can be difficult for developers and ultimately impacts productivity. At the same time, network and security teams lack the means to enforce policy mandates and ensure their implementation. This disconnect between access and knowledge leads to non-compliant networking and inconsistent policy enforcement, which in turn leads to security breaches.
With the Golden Gate release, TSB enables developers to configure policies for their applications without needing to learn the complexities of new technologies like Envoy and Istio, while still being able to harness their power.
“As a leading provider of educational technology, our flagship product, ABCmouse Early Learning Academy, is the leading digital education program for young children in the United States,” said Jeremy Farber, senior vice president of infrastructure at Age of Learning. “We appreciate how the Golden Gate version of Tetrate Service Bridge helps us provide security at the application level, not just at the network level.”
TSB is also now available as a fully managed service hosted by Tetrate, in addition to self-managed deployment. TSB’s managed service significantly reduces the initial investment required to start using Zero Trust architectures, encourages experimentation and further reduces complexity for customers. The managed service can be used for pilot projects, smaller projects or for all projects, depending on the needs of each client.
“Application architectures are increasingly distributed in nature,” said Varun Talwar, CEO and co-founder of Tetrate. “When coupled with the need for multicloud infrastructures, application networking, and security policies, management becomes a complex issue. TSB elegantly simplifies this challenge with its management plane, a layer that ties the execution system to users and teams. Companies can implement controls for regulatory requirements with confidence and maintain multiple independent teams on the same infrastructure without shared outages.
The release of Golden Gate follows a very successful year in which more than 20 Fortune 500 organizations in financial services, healthcare and retail adopted the original version of TSB, increasing the number of clusters by 10 times under management from one year to the next. Customers provided valuable feedback on key features of the new release, including:
- A unified application connectivity platform to deploy and manage WAF, GW API, service mesh and output controls
- A clean, declarative app developer experience for configuring app traffic and security controls, where they can be defined once and applied anywhere
- A single management pane to manage application traffic across heterogeneous environments including Kubernetes, virtual machines, bare metal, on-premises, and cloud servers
- Multitenancy: Creating tenants for teams within an enterprise to define granular access control and editing rights and maintain zero trust as the norm; audit changes to shared services and resources from start to finish
- Next-gen API governance out of the box with just enough built-in API gateway functionality for ease of use
- Deploy WAF with blessed configuration wherever needed, from edge to workload, not just on a single firewall
- Deployment and lifecycle management of service mesh (Istio and Envoy) on multiple Kubernetes clusters
- Application-Level Segmentation: Secure Applications, Not (Just) Networks