High-performance eBPF networking
High-availability networking, offering blazing fast performance with a pluggable data plane architecture supporting nftables, eBPF, Windows, and VPP.
Ingress Gateway
Provides a standardized approach to managing Kubernetes ingress traffic using the Gateway API. Integrates Envoy Gateway, hardened for enterprise use, to provide comprehensive security and observability for ingress traffic.
Egress Gateway
Enables perimeter-based security tools like firewalls to work seamlessly with Kubernetes. Calico’s egress gateway assigns a static IP address to egress traffic from Kubernetes pod, to facilitate integration with firewalls, and other tools that require a static IP address for identification.
Network security
Improve network security posture with fine-grained network policies. Limit egress traffic by IPs, domains and IP CIDRs. Automatically identify namespace boundaries & recommend policies for namespace isolation. Implement custom microsegmentation with granular access controls. Rich policy management tools.
Cluster mesh
Enable connectivity and enhanced security for your multi-cluster Kubernetes applications. Provides connectivity, service discovery, network security and observability for your multi-cluster environments. Deploy an operationally simpler alternative to a service mesh.
Centralized Network Security
A single management plane to seamlessly oversee network security across various Kubernetes distributions, simplifying network policy management and ensuring consistent compliance throughout all Kubernetes deployments.
Observability & Troubleshooting
Enhance network visibility for better security and faster troubleshooting. Gain a comprehensive view of your network topology, including workload connections, dependencies, and detailed traffic data. Stay ahead of threats and ensure that workloads in your cluster operate smoothly and securely.
Incident response
Respond to threats swiftly, ensuring your environment remains secure. Use Calico security events dashboard or export security events to your SIEM. Use forensics tools to identify attackers and deploy virtual patching controls.
Compliance
Achieve consistent and continuous compliance for PCI, SOC 2, HIPAA, GDPR and other regulations. Enforce security policy as code for consistency. Easy audit reporting with on-demand or scheduled compliance reports. View compliance history and export auditor-ready compliance data anytime.
Self-service | CI/CD integration
Implement security as code, seamlessly deploying policies through your CI/CD pipeline. Use a rich suite of tools to author, recommend, and preview policies before enforcement. Use policy tiers to manage enforcement order, allowing teams to contribute policies without risking essential protections.
