Navigator Package

Security for Containers and Kubernetes

Meet your organizations’ advanced security and observability requirements for containers and Kubernetes in complex cloud environment which spans across multiple clusters and regions to reduce attack surface, deploy zero-trust workload controls, implement identity-aware microsegmentation and have unified controls across multiple clusters with help of subject matter experts in 10-days.

Tigera will provide up to 10 days of professional services and consulting to assist you in implementing advanced security use cases and observability tools with Calico Cloud or Calico Enterprise in your environment.

Service Summary


Calico Enterprise (CE)/Calico Cloud (CC) installation for up to four clusters
Security policy design for micro-segmentation
Multi-cluster design for Calico Enterprise
Implementation of up to 25 security policies
Implementation of up to 3 role-based access control (RBAC)


Calico Enterprise / Calico Cloud deployment recommendations customized to your environment
Security policy design for implementing identity-aware micro-segmentation
Security policy design that aligns with the customer’s security objectives for containers and Kubernetes
Design and deployment for multi-cluster controls*
Enablement and knowledge transfer sessions for seamless operations
*Calico Enterprise only

Project Activities

1. Technical Discovery

Conduct a technical discovery session to identify business requirements, customer environment, and success criteria for the Calico Enterprise / Calico Cloud deployment.
Produce a technical discovery document that captures:
  • Success factors
  • Kubernetes security requirements
  • Logging and storage requirements
  • RBAC requirements
  • Multi-cluster management (MCM) requirements*
Produce Project Plan

2. Solution Design

Security policy design workshop for micro-segmentation
Log storage sizing*
RBAC design workshop
Produce Calico Enterprise /Calico Cloud Design Document capturing the following:
  • CE/CC deployment design and manifests
  • Log storage sizing and manifests*
  • Security policy implementation framework and methodology
  • RBAC design and manifests
  • Multi-cluster-management (MCM) design and manifests*

3. Calico Enterprise Deployment

Assist in deploying Calico Enterprise / Calico Cloud for up to four clusters
Implement security policies (up to 25 policies)
Implement RBAC and integrate with an external identity provider if required (up to 3 RBAC)
Deploy MCM*

4. Testing and Enablement

Test Calico Enterprise functionality and use-cases
Customer enablement

5. Project Closure

Customer sign-off
*Calico Enterprise only
**Some activities above may not apply to all customers. Activities applicable to a customer will be finalized during project planning.

Project Management

Tigera Responsibilities

Provide the customer with a list of designated Tigera resources and their roles and responsibilities.
Work with the customer to determine the project milestones, timeline, and dependencies.
Develop a project plan capturing milestones, timelines, and resourcing.
Schedule a weekly/bi-weekly sync meeting with the customer if needed (during weeks of active engagement).
Provide a weekly project status report to the customer (during weeks of active engagement) for review and approval.

Customer Responsibilities

Provide Tigera with a list of designated customer resources and their roles and responsibilities.
Designate and ensure customer resources are available to work with Tigera on planning, information gathering, design, and implementation activities.
Review and approve the Technical Discovery and Calico Enterprise / Calico Cloud Solution Design documents.
Review and approve the Project Plan.

Service Delivery

Schedule and Location

Tigera shall remotely deliver services to the customer. Professional services hours will be utilized according to the agreed project schedule. Customers must ensure that appropriate resources are available for the delivery of services. Any delays or adjustments to the project plan must be mutually agreed upon.

Service Reporting and Approval

Tigera will provide a weekly project status report during weeks of active engagement. The customer shall provide a written acknowledgment of delivered services or reasons for rejection within two (2) business days of receipt. Offered services will be considered approved if the customer fails to provide an acknowledgment or reasons for rejection within two (2) business days of receipt of the report.

Document Review and Approval

For documents that require review and approval, Tigera and the customer shall follow the following process:
Tigera shall share the draft document with the customer for review and approval.
The customer shall review the draft document and provide written comments or approval within two (2) business days of receipt.
If the customer comments on the document, Tigera shall review and update the document promptly, and this review and approval process will repeat.
The document will be considered approved and final if the customer fails to provide written comments or approval of the document within two (2) business days of receipt.