Google Cloud Platform and GKE
Get active, zero-trust-based security for cloud-native applications running containerized workloads on Google Kubernetes Engine (GKE) and for self-managed Kubernetes on Google Cloud VMs.
Overview
Deploy and manage a consistent set of networking and security policies for Kubernetes clusters on Google Cloud Platform (GCP). Tigera provides an active Cloud-Native Application Protection Platform (CNAPP) with full-stack observability for containers and Kubernetes. It prevents, detects, troubleshoots, and automatically mitigates exposure risks from security issues in the build, deploy, and runtime stages.
Benefits
Calico Cloud enables organizations to prevent attacks using zero trust, and to detect, troubleshoot, and automatically remediate exposure risks from security issues in build, deploy, and runtime stages across multi-cloud and hybrid deployments.
Features included:
- Reduce attack surface with zero trust:
  - Zero-trust workload access enforcement
  - Identity-aware micro-segmentation for workloads
  - Universal firewall integration
  - Envoy-based application-level security
- Detect known and unknown threats:
  - Protection for workloads from container-based and network-based threats
  - Workload-based WAF, IDS/IPS with deep packet inspection, DDoS attack protection
  - ML-based zero-day workload threat identification
  - Vulnerability and malware protection
- Automatic risk mitigation:
  - Dynamic Service and Threat Graph
  - Dynamic Packet Capture
  - Security policy recommender
  - Admission controller
  - Security policies to alert, pause, quarantine, terminate
How It Works
Calico provides a common networking and security policy model using Kubernetes constructs like labels and selectors to control and restrict access to specific namespaces, microservices, and pods.
Get Started
Getting started with Calico and GKE is easy.
Everything you need to get Calico installed and configured in your GCP GKE cluster is available here.