Gaurav Bhatnagar
Architect and Technology Analyst | Patent holder | Telco Cloud | CKS | Senior System Manager @ Ericsson
New Delhi, India
Actions
I am a technology enthusiast with a passion for innovation. Presently, I am working as a senior system manager in technology and system management as part of the Business Area Cloud Software Services of Ericsson.
I have been exposed to a variety of technologies, such as Cloud Native, Big Data, and Machine Learning to build Telco grade solutions in the BSS and OSS domains.
My passion for innovation and collaboration has led me to file numbers of patents and research papers in reputed journals.
Links
Area of Expertise
Comprehensive survey of various open-source security tools that can be used in CI/CD for Containers
Security is a major focus area in the software development lifecycle. With the advent of zero trust and defense in depth architectures, security concepts like secure coding practices, vulnerability scanning, etc. need to be incorporated from the initial stages of the software development cycle. There are several security tools that can make the task of applying security concepts easier for software developers, and these tools can also be incorporated into the CI/CD pipelines for continuous application of security concepts.
These security tools can be used at various stages in CI/CD pipelines to get the best results. This presentation will cover a comprehensive survey of various security tools and depict graphically at what stage in the CI/CD pipeline these tools can be used for the best results. Using Venn diagrams, it would also be depicted what are the similar and different features of the tool when multiple tools are applicable for a given stage of the CI/CD pipeline.
SPIFFE/SPIRE for secure communication between workloads on various IT platforms for telco use case
SPIFFE/SPIRE provide strongly attested, cryptographic identities for workloads on a variety of platforms.
Globally, Telco workloads are shifting from Bare metal/Virtualized platforms to Containerized platforms. Due to license restrictions, where a software vendor is supporting software only on Bare metal or Virtualized platforms, or due to other legacy reasons, Telco operators still need to manage workloads deployed across Bare metal/Virtualized and Containerized platforms, and these workloads need to communicate securely with each other. The overhead of managing and issuing cryptographic identity documents (e.g., X.509 certificates) for these different platforms increases Telco operators' operational expenditure (OPEX), reducing business expediency and return on investment.
Traditional methods of managing secure communications do not provide a consistent way to manage and issue cryptographic identity documents across different Bare metal/Virtualized and Containerized platforms.
Use Merido to create network services for telco use cases using secondary networking for Kubernetes
Meridio is an open-source software available on https://github.com/Nordix/Meridio, that utilizes secondary networking in Kubernetes workloads to offer capabilities such as external traffic attraction for network services hosted by Kubernetes workloads, traffic isolation, and segregation, Simplified Network Management and so on that can be used for various telco use cases.
Meridio introduces the concept of a "trench". Inside each trench, the traffic can be split to take different logical and physical paths through the cluster and traffic can be subjected to a chain of different network services.
Telco workloads have specific requirements from Kubernetes like segregating traffic based on its type, ensuring Quality of Service for segregated traffic, No NAT, Same IP for both ingress and egress traffic (VIP). Meridio can help telco vendors achieve these use cases by using Secondary networking for Kubernetes workloads.
Gaurav Bhatnagar
Architect and Technology Analyst | Patent holder | Telco Cloud | CKS | Senior System Manager @ Ericsson
New Delhi, India
Links
Actions
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top