Egress & east-west control
Authorize outbound through an egress gateway.
Zero trust is often framed around inbound and east-west traffic, but egress — what workloads may reach outbound — is equally important. A breached workload moves laterally east-west and exfiltrates via egress, so both must be authorized, not just north-south ingress.
Control what leaves
By default a workload can open any outbound connection, which is exactly the channel an attacker uses for command-and-control and data exfiltration. Zero-trust egress constrains outbound to approved destinations and routes it through a policy-enforcing, logged chokepoint. In a mesh, an egress gateway funnels external-bound traffic through a controlled proxy where you apply allowlists (only these external hosts), authenticate the calling workload, and log every outbound flow — turning open egress into an authorized, observable path. This complements the network-layer egress controls (default-deny egress rules, DNS filtering) covered elsewhere; the mesh adds identity-aware egress on top.
# Only allow outbound to an approved external API, via the egress gateway.apiVersion: networking.istio.io/v1kind: ServiceEntrymetadata: { name: payments-partner }spec:hosts: ["api.partner.com"]ports: [{ number: 443, name: https, protocol: TLS }]resolution: DNS# + a Gateway/VirtualService pinning this traffic through the egress gateway,# and an AuthorizationPolicy so ONLY the payments service may use it.# Everything not explicitly allowed has no outbound path.
East-west and egress together
The complete zero-trust data plane authorizes all three directions: ingress (who may enter), east-west (which services may call which, under default-deny identity authz), and egress (what may leave, through a controlled gateway). This closes the paths a post-compromise attacker relies on — lateral movement is bounded by east-west policy, and exfiltration/C2 is bounded by egress policy. Treating egress as a first-class control, authorized by workload identity and logged, means a compromised workload can neither roam the cluster nor phone home freely; it is confined to the small set of internal and external destinations you explicitly permitted.