Deploy and manage a consistent set of networking and security policies for Kubernetes clusters on Google Cloud Platform (GCP). Tigera’s Calico Cloud gives teams a single pane of glass across multi-cluster and hybrid clouds to deploy a standard set of egress access controls, enforce consistent security policies for compliance, and easily observe and troubleshoot applications.
With GCP and Tigera you can address the most common use cases for Kubernetes networking, security, and observability in Google Kubernetes Engine (GKE) with Calico:
Manage egress access: Kubernetes has no built-in capability to enforce network policy. Calico can securely control egress access to external resources with the following:
- DNS policy
- Egress access gateway
- Enterprise security and compliance: Get data-in-transit encryption with industry-leading performance, as well as compliance reporting for security policies and controls. Leverage an incredibly rich intrusion detection feature set that includes threat feeds to identify known bad actors, custom alerts for known attacks, anomaly detection, and honeypods.
- Observe and troubleshoot: Detect, identify, and resolve the performance hotspots, anomalies, and connectivity issues between microservices running on GKE clusters.
How It Works
Calico provides a common networking and security policy model using Kubernetes constructs like labels and selectors to control and restrict access to specific namespaces, microservices, and pods.