Cloud Microsegmentation

Cloud-native microsegmentation for all your workloads

Every cloud and hosting environment has a unique approach to segmentation, which leads to operational overhead and security gaps when segmenting traffic within and between these environments. Calico Enterprise provides a common segmentation protocol that works across all of your environments, and scales at the pace of your microservices environment.

Common Model

One microsegmentation policy model for all your environments

Learn more about Common Segmentation Model

Dynamic Segmentation

Label-based segmentation so you don’t need to change policies to deploy workloads

Learn more about Dynamic Segmentation

Performance at Scale

Make changes and enforce them in milliseconds

Learn more about Performance at Scale

Common Segmentation Model

Calico Enterprise offers a common segmentation model that works across all clouds, VMs, and Kubernetes deployments. Until now, each environment uses its own methodology for segmentation

  • AWS Security Groups
  • Azure Network Security Groups
  • Google Cloud Firewalls
  • VMware NSX

Calico Enterprise provides a common security model that works across multi-cloud, VM, and Kubernetes environments and provides a defense in depth security posture when deployed in conjunction with the existing security models.

Dynamic Segmentation

Calico Enterprise segments workloads based on metadata and labels attached to those workloads. This enables you to securely deploy new or updated workloads without having to add or change your segmentation policies.

This approach eliminates the complexity and operational overhead associated with managing your segmentation policies.

Performance at Scale

Many segmentation tools utilize a central policy evaluation engine that becomes a chokepoint for cloud deployments. When using this legacy architecture, changes to segmentation policies can take hours to take effect. When auto-scaling your microservices or deploying changes, this time lag can cause service outages and lengthy deployment times.

Calico Enterprise utilizes a cloud-native distributed architecture that can accept and enforce changes across cloud-scale environments in milliseconds. This enables rapid auto-scaling of your microservices environment as well as the ability to rapidly thwart security incidents by rolling out segmentation policy changes in response to an attack.

Interested in trying Calico Enterprise to segment your cloud or multi-cloud environment?

Sign up for a free trial or get a demo