diff --git a/docs/admin/integrations/istio.md b/docs/admin/integrations/istio.md
new file mode 100644
index 0000000000000..3132052e32767
--- /dev/null
+++ b/docs/admin/integrations/istio.md
@@ -0,0 +1,35 @@
+# Integrate Coder with Istio
+
+Use Istio service mesh for your Coder workspace traffic to implement access
+controls, encrypt service-to-service communication, and gain visibility into
+your workspace network patterns. This guide walks through the required steps to
+configure the Istio service mesh for use with Coder.
+
+While Istio is platform-independent, this guide assumes you are leveraging
+Kubernetes. Ensure you have a running Kubernetes cluster with both Coder and
+Istio installed, and that you have administrative access to configure both
+systems. Once you have access to your Coder cluster, apply the following
+manifest:
+
+```yaml
+apiVersion: networking.istio.io/v1alpha3
+kind: EnvoyFilter
+metadata:
+  name: tailscale-behind-istio-ingress
+  namespace: istio-system
+spec:
+  configPatches:
+    - applyTo: NETWORK_FILTER
+      match:
+        listener:
+          filterChain:
+            filter:
+              name: envoy.filters.network.http_connection_manager
+      patch:
+        operation: MERGE
+        value:
+          typed_config:
+            "@type": type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
+            upgrade_configs:
+              - upgrade_type: derp
+```
diff --git a/docs/manifest.json b/docs/manifest.json
index 14a9a7f5c6279..10ced9fe74dc1 100644
--- a/docs/manifest.json
+++ b/docs/manifest.json
@@ -696,6 +696,11 @@
 					"description": "Integrate Coder with JFrog Artifactory",
 					"path": "./admin/integrations/jfrog-artifactory.md"
 				},
+				{
+					"title": "Istio Integration",
+					"description": "Integrate Coder with Istio",
+					"path": "./admin/integrations/istio.md"
+				},
 				{
 					"title": "Island Secure Browser Integration",
 					"description": "Integrate Coder with Island's Secure Browser",

<!DOCTYPE html PUBLIC '-//W3C//DTD XHTML 1.0 Transitional//EN' 'http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd'>
<html xmlns='http://www.w3.org/1999/xhtml'>
<head>
<title>pFad - Phonifier reborn</title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
</head>
<body>
<h1>Pfad - The Proxy pFad of &#169; 2024 Garber Painting. All rights reserved.</h1>


<!-- Disclaimer -->
<p>Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.</p>
<br>
<p>Alternative Proxies:</p><p><a href="http://rainy.clevelandohioweatherforecast.com/php-proxy/index.php?q=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/15733.diff" target="_blank">Alternative Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/index.php?u=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/15733.diff" target="_blank">pFad Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v3index.php?u=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/15733.diff" target="_blank">pFad v3 Proxy</a></p><p><a href="http://rainy.clevelandohioweatherforecast.com/pFad/v4index.php?u=https://patch-diff.githubusercontent.com/raw/coder/coder/pull/15733.diff" target="_blank">pFad v4 Proxy</a></p></body>
</html>