USE CASES

Cloud Microsegmentation

Every cloud and hosting environment has a unique approach to segmentation, which leads to operational overhead and security gaps when segmenting traffic within and between these environments. Calico Enterprise and Calico Cloud provide a common segmentation model that works across all of your environments, and scales to meet the expansion or contraction of your microservices environment.
 
Common Model

Dynamic Segmentation

Performance at Scale

Watch a Demo

Common Segmentation Model

Our common segmentation model works across all clouds, VMs, and Kubernetes distributions. Until now, each environment used its own methodology for segmentation

  • AWS Security Groups
  • Azure Network Security Groups
  • Google Cloud Firewalls
  • VMware NSX

Calico Enterprise and Calico Cloud change that paradigm by providing a common security model that works across multi-cloud, VM, and Kubernetes environments and provides a defense-in-depth security posture when deployed in conjunction with the existing security models.

Dynamic Segmentation

Calico Enterprise segments workloads based on metadata and labels attached to those workloads. This enables you to securely deploy new or updated workloads without having to add or change your segmentation policies.

This approach eliminates complexity and operational overhead associated with policy management.

Performance at Scale

Many segmentation tools utilize a central policy evaluation engine that becomes a choke-point for cloud deployments. When using this legacy architecture, changes to segmentation policies can take hours to take effect. When auto-scaling your microservices or deploying changes, this time lag results in lengthy deployment times and can cause service outages.

Calico Enterprise and Calico Cloud utilize a cloud-native distributed architecture that can accept and enforce changes across cloud-scale environments in milliseconds. This enables rapid auto-scaling of your microservices environment as well as the ability to rapidly thwart security incidents by rolling out segmentation policy changes in response to an attack.

Watch a Demo

 
X

📣 Read our new O'Reilly eBook on Kubernetes Security and ObservabilityLearn more >>>