Gloo Gateway Security


Learn about the security features baked into Gloo like TLS, external authentication, and web application firewalls

Web Application Firewall

Enable the WAF on Gloo to filter requests

Start Scenario

mTLS Integration with Istio

Enable mTLS with Istio and Gloo

Start Scenario

TLS at the Gateway

Enable Gateway TLS between the client and Envoy

Start Scenario

Upstream TLS

Enable TLS between Envoy and Upstream destinations

Start Scenario

OpenID Connect (OIDC) Authentication

Enable external OIDC Authentication on Gloo

Start Scenario

JWT Authentication and RBAC

Enable JWT Authentication with Gloo

Start Scenario

Rate Limiting

Enable rate limiting on Gloo to define request limits and protect Upstreams

Start Scenario

Open Policy Agent (OPA)

Enable the OPA to create policies defining allowed methods and paths

Start Scenario