Fortinet
Tigera is a Fortinet Fabric Ready technology partner. With this partnership, Fortinet customers will be able to extend their network security architecture to their Kubernetes environments. See this blog for more details.
Extending Your Fortinet Security to Kubernetes with Calico Enterprise
Fortinet and Tigera have partnered to deliver container-integrated solutions for the Calico network stack. As Kubernetes pilot projects transition to enterprise-wide application rollouts, companies must be able to extend their existing enterprise security architecture into the Kubernetes environment. Maintaining two disparate security stacks introduces additional complexity and manual processes which can lead to configuration drift and increased security exposure. Recognizing this need for a unified security approach, Fortinet and Tigera have jointly developed a suite of Calico Fortinet Fabric Ready solutions that deliver:
- North-South network traffic visibility and protection
- East-West network traffic visibility and protection
- Compliance ready reports and evidence
- Threat-intelligence capabilities
This suite comprises 4 key integrations:
- FortiManager Calico Kubernetes Controller translates FortiManager network policies to Calico Kubernetes network policy from a centralized management platform.
- FortiGate Calico Kubernetes Controller automatically updates FortiGate firewalls with Kubernetes pod IPs to control pod egress access, minimize firewall change orders and eliminate error-prone manual processes.
- FortiGuard Threat Feed enriches the Calico Enterprise threat database with global real-time threat intelligence from FortiGuard Labs to detect rogue containers and potentially compromised Kubernetes clusters.
- Calico FortiSIEM plug-in delivers Calico Enterprise generated Kubernetes telemetry data —DNS logs, flow logs, and audit logs—into the FortiSIEM for actionable intelligence by SecOps Incident and Response.
Calico Enterprise, Tigera’s commercial offering, layers tools and capabilities on Project Calico that enable platform engineers to accelerate the widespread adoption of Kubernetes across the enterprise. Addressing the needs of multiple stakeholders – end-users, application security requirements, networking and security teams – Calico Enterprise enables the platform team to streamline Kubernetes deployments resulting in faster-time-to-market, improved scalability and availability, agile multi/hybrid cloud flexibility while optimizing IT costs.
Calico Enterprise
Enterprise software and support that solves several common challenges to enterprise adoption use cases including
- Egress access controls to securely connect pods with cloud resources such as RDS and ElasticCache
- Enforcing and reporting on enterprise security controls required for compliance such as PCI DSS, GDPR, and internal policies
- Visibility and troubleshooting tools to avoid or quickly resolve connectivity issues
With Calico Enterprise you can manage security across multi-cluster environments that can span Fortinet as well as on-prem and multi-cloud across most Kubernetes distributions.
Try now Calico Enterprise on Fortinet
Calico Essentials
Training and workshops to help you get to production faster, as well as a named technical account manager for technical support.
See the course catalog here and the workshop catalog here. To learn more, click here.
Additional Resources:
- Blog: Ensuring Continuous Security Integration for DevSecOps
- Video: How Calico Enterprise Extends FortiGate NGFWs to Kubernetes
- Blog: Extending Next Generation FortiGate Firewalls to Kubernetes With Calico Enterprise
- Solution Brief: Extending Enterprise Security into Kubernetes Environments
- On-demand Webinar: Extending Your Fortinet Next-Gen Firewall to K8s with Calico Enterprise
- Blog: Tigera’s Fortinet Fabric-Ready Calico Enterprise Integration Secures K8s Environments
- Blog: Extend Fortinet FortiGate to Kubernetes with Calico Enterprise 2.7
- Blog: How Fortinet and Tigera Protect Kubernetes in the Enterprise
- Tigera Doc: Extend FortiGate Firewalls to Kubernetes with Calico Enterprise
- Accelerate Session Abstract: Calico and Fortinet: The Best of Breed for Kubernetes Networking & Network Security