Egress & east-west control

Authorize outbound through an egress gateway.

Advanced30 min · lesson 14 of 15

Zero trust is often framed around inbound and east-west traffic, but egress — what workloads may reach outbound — is equally important. A breached workload moves laterally east-west and exfiltrates via egress, so both must be authorized, not just north-south ingress.

Control what leaves

By default a workload can open any outbound connection, which is exactly the channel an attacker uses for command-and-control and data exfiltration. Zero-trust egress constrains outbound to approved destinations and routes it through a policy-enforcing, logged chokepoint. In a mesh, an egress gateway funnels external-bound traffic through a controlled proxy where you apply allowlists (only these external hosts), authenticate the calling workload, and log every outbound flow — turning open egress into an authorized, observable path. This complements the network-layer egress controls (default-deny egress rules, DNS filtering) covered elsewhere; the mesh adds identity-aware egress on top.

route egress through a controlled gateway
# Only allow outbound to an approved external API, via the egress gateway.
apiVersion: networking.istio.io/v1
kind: ServiceEntry
metadata: { name: payments-partner }
spec:
hosts: ["api.partner.com"]
ports: [{ number: 443, name: https, protocol: TLS }]
resolution: DNS
# + a Gateway/VirtualService pinning this traffic through the egress gateway,
# and an AuthorizationPolicy so ONLY the payments service may use it.
# Everything not explicitly allowed has no outbound path.

East-west and egress together

The complete zero-trust data plane authorizes all three directions: ingress (who may enter), east-west (which services may call which, under default-deny identity authz), and egress (what may leave, through a controlled gateway). This closes the paths a post-compromise attacker relies on — lateral movement is bounded by east-west policy, and exfiltration/C2 is bounded by egress policy. Treating egress as a first-class control, authorized by workload identity and logged, means a compromised workload can neither roam the cluster nor phone home freely; it is confined to the small set of internal and external destinations you explicitly permitted.

Authorize every direction
1ingresswho may enter (authn +…2east-westdefault-deny identity…3egress gatewayapproved destinations…4containedworkloadcannot roam or exfiltrate…
Ingress, east-west, AND egress all authorized by identity. Controlling outbound denies the attacker their exfiltration and C2 channel.
Unrestricted egress is the exfiltration channel
Locking down east-west while leaving egress wide open still lets a compromised workload stream data out and receive commands. Route outbound through an identity-aware egress gateway with an allowlist and logging, so exfiltration and C2 have no default path — egress is as much a zero-trust control as ingress.