In this chapter, you have seen that a thin proxy is helpful to scale microservices. A proxy caches requests to avoid multiple trips to the control plane, and it sends asynchronous requests to Istio's Mixer, which can communicate to the backend services.

We've shown scenarios using the Bookinfo microservice where policy controls can be enabled in Istio through a simple edit to its config map. You can enable rate limits to prevent rogue users from abusing the system. This process defines rules where we identify a user, count their requests, and reject the requests after a rate limit. Finally, if there is a rogue user, control access to enable service denial can be configured through an IP-based whitelist or blacklist. This process defines a deny rule for services where we can deny access through instances and denier handlers.

In the next chapter, we will cover Istio telemetry and the visualization of metrics collected by Istio through Prometheus, Grafana, and Kiali.