Get started
Aviatrix Blog

“Two Ships Passing in the Night”: Bridging the Gap Between Kubernetes Networking and Security

Cloud expert David Linthicum and Aviatrix's Anirban Sengupta discuss the Aviatrix Kubernetes Firewall and how it empowers teams to secure and scale clusters.

Alicia Pollard srcset=
Updated March 17, 2025 in cloud security, Kubernetes By Alicia Pollard

In a recent episode of Cloud Computing Insider, host David Linthicum sat down with Anirban Sengupta, Chief Technology Officer and Senior Vice President of Engineering at Aviatrix, to explore how Aviatrix’s new Kubernetes Firewall solution transforms the landscape of cloud networking and security. The conversation offered deep insights into the challenges of Kubernetes and how the Kubernetes Firewall equips organizations to achieve scalability and agility.

From years of experience in tech, including leadership at Google, Anirban is familiar with the strengths and weaknesses of Kubernetes, including a critical gap:

“I found out that Kubernetes networking and security are somewhat like two ships passing in the night,” he said. “They work independently and are not closely tied together. This is the gap which I am able to bridge as part of the Aviatrix team.”

He described how the Aviatrix Kubernetes Firewall closes that gap by reimaging traditional network architecture approaches.

 

A Cloud-First Architecture: Addressing the Complexities of Multicloud Infrastructures

Anirban highlighted Aviatrix’s unique approach to cloud networking, emphasizing a cloud-first architecture that fundamentally differs from traditional networking solutions. Unlike legacy systems retrofitted for cloud environments, Aviatrix has built its platform from the ground up to address the complexities of modern, multicloud infrastructures.

Some of the complexities that the Aviatrix Kubernetes Firewall addresses go back to the beginning of Kubernetes.

“Originally, the Kubernetes was supposed to be more like a cluster-centric technology,” he said. “But as Kubernetes became successful and companies started to deploy more and more clusters, all the different issues with scale, governance, security, and compliance started to creep up. It is much more difficult to scale by the number of clusters, and the complexity is not even linear – it’s way more than linear. And that is causing a lot of issues.”

The Aviatrix Kubernetes Firewall simplifies these complexities by providing:

  • A cloud-native architecture designed specifically for multicloud environments
  • An integrated security and networking approach
  • The ability to manage diverse cloud environments from a single management plane
  • A model that enables customers to write policies based on nodes, pods, and services as well as multi-cluster network segmentation

 

Kubernetes Networking: Bridging Critical Gaps

Anirban explained how Aviatrix’s new Kubernetes Firewall addresses several critical challenges in container networking:

  • IP Address Management: Solving issues of IP address exhaustion and overlap in large-scale Kubernetes deployments by basing policies on pods, nodes, and clusters instead of IP addresses
  • Egress Security: Providing advanced security controls for container network traffic
  • Policy Enforcement: Enabling policy creation based on Kubernetes resource models rather than ephemeral IP addresses
  • Multi-Cluster Management: Simplifying network segmentation across multiple Kubernetes clusters

 

Anirban also emphasized the importance of consistent security policies across a network.

“Having a policy which takes care of all the different types of containers, or different types of compute and storage and services, really helps to secure seamlessly all these applications which are distributed across the network and across different clouds and the edge,” he said. “It’s not that all applications [are] in containers or everything is in VMs; there is always a mix and match of what kind of services are being used.”

 

The Cloud 2.0 Initiative

“A lot of the customers whom we talk to, and even from my past at Google, they’re looking at what is being sometimes coined as Cloud 2.0 initiative,” Anirban said.

He described this era as including:

  • Distributed applications spanning multiple environments
  • Complex workloads mixing VMs, containers, serverless, and bare metal
  • A critical need for unified security and networking solutions

 

Anirban outlined three critical recommendations for enterprises navigating the complex cloud landscape:

  • Embrace Multicloud: Avoid vendor lock-in and leverage the best services from different cloud providers. “You don’t want to miss out on newer applications, newer services, newer technology that different clouds are bringing on,” Anirban said.
  • Invest in Security and Networking: Build robust infrastructure to protect against increasing cybersecurity threats. “There are so many bad actors today, including nation states that sponsor these kinds of activities,” Anirban warned. “So invest in networking and security.”
  • Create Your Own Cloud Strategy: Develop a flexible approach that gives you control over costs and operations. “Build your own cloud so that you can control your cost you can control your operations you can control you basically own your own destiny,” Anirban said.

 

As enterprises continue to adopt AI, multicloud, and automation strategies, solutions like the Aviatrix Kubernetes Firewall become increasingly crucial. The ability to create a seamless, secure networking fabric across diverse cloud environments bridges the critical gap between networking and security, empowering organizations to realize Kubernetes’s potential for rapid scaling, agility, and automation.