• 25 Dec, 2024

Tigera Enhances Calico with Major Network and Runtime Security Updates

Tigera Enhances Calico with Major Network and Runtime Security Updates

New features extend Calico network security to virtual machines and hosts, help operators tune and customize runtime security, and simplify the management of network security

SAN FRANCISCO, Nov. 12, 2024 -- Tigera, the creator of Project Calico, the most adopted technology for container networking and security, today announced several new features that significantly advance Calico's network security and runtime security capabilities. Tigera will debut the latest updates to Calico Cloud, Calico Enterprise, and Calico Open Source during KubeCon North America at Booth #H7.

With the rise in Artificial Intelligence (AI) applications, and the infrastructure trend of migrating from virtual machines (VMs) to Kubernetes, network security has become critical. Tigera's new updates to Calico extend its network security and visibility capabilities to VMs and hosts, and provide several new enhancements for implementing network security.

The new release of Calico also includes essential capabilities for security teams. Today, there is a critical need to simplify security monitoring. Security operations teams are overwhelmed with the number of security events and false positives, and need solutions that help them become more efficient and effective in their roles. Tigera has enhanced Calico's runtime security capabilities, including fine-tuning the detectors to eliminate noise and make the detection more targeted.

Network Security Enhancements

  • Policy Tiers and Support for AdminNetwork and BaselineNetwork Policies – Calico now supports new Kubernetes policies and Calico policy tiers that provide granular control over policy precedence, ensuring predictable, consistent enforcement and enabling better collaboration between teams.
  • Extend Calico Network Security Beyond Kubernetes to VMs and Hosts – Calico can protect VMs and hosts running outside of a Kubernetes cluster, significantly expanding the scope of how users can leverage Calico to secure application workloads.
  • Native Support for nftables – Calico introduces native support for nftables, ensuring that Kubernetes users can smoothly transition from iptables to nftables while maintaining performance and compatibility.
  • New Sidecar Deployment for Envoy in Calico – Ensures greater levels of compatibility with certain Kubernetes platforms such as GKE, AKS, EKS and Wireguard.

Runtime Security Enhancements

  • Fine-Tuned Runtime Threat Detection for Accuracy and Efficiency – Calico allows administrators to select which types of detectors to enable in their cluster, enabling teams to phase their deployment and tune and customize threat detection.
  • Significant Reduction of False Positives – Calico enables operators to bypass threat detection for certain known processes, thereby eliminating false positives.
  • Bolstered Network-Based Threat Detection – Calico supports the ability to customize SNORT rules for Deep Packet Inspection (DPI) on a workload basis to improve accuracy.
  • Insight into the Exploitability of Vulnerabilities to Prioritize Remediation – Calico introduces new meta data including Exploit Prediction Scoring System (EPSS) and information on known exploits to estimate the likelihood that the software vulnerability will be exploited in the wild.

"We are pleased to extend Calico's renowned network security beyond Kubernetes clusters to virtual machines and hosts," said Amit Gupta, Chief Product Officer, Tigera. "Organizations can now use a single pane of glass to visualize and manage network security across their Kubernetes and non-Kubernetes environments. All network security features, including egress access controls and microsegmentation, will work in the same way they do in Kubernetes clusters. These updates further our mission to equip users with robust, comprehensive networking and security solutions to meet their modern business needs."

With these new updates, Calico provides platform and security engineers with more control, visibility, and efficiency in securing and managing their Kubernetes and hybrid environments. Calico's latest enhancements offer both flexibility for development teams and strict controls for platform and security teams. Learn more about Calico's new capabilities here.

Meet Tigera at KubeCon North America 2024

Register for CalicoCon 2024: On November 12, Tigera will host CalicoCon 2024, an immersive event led by the Calico team, where attendees will gain education, training, and best practices on Kubernetes networking, security, and observability. This event is a co-located event at KubeCon + CloudNativeCon North America 2024. KubeCon NA attendees can register by adding it to their existing registration using the CNCF portal.

Meet Tigera at Booth #H7: To get the latest updates on Calico's container networking and security advancements, visit Tigera at KubeCon North America 2024 at Booth #H7.

Hear from Tigera developers and engineers during KubeCon NA sessions: 

  • Casey Davenport, Developer, Tigera, will participate in the session: "How the Tables Have Turned: Kubernetes Says Goodbye to Iptables". Those attending KubeCon NA can register here.
  • Shaun Crampton, Distinguished Engineer, Tigera, will participate in the session: "SIG Network Intro and Updates session". Those attending KubeCon NA can register here.

Click here to learn more about Tigera's solutions or request a free trial.

About Tigera
Tigera provides secure networking and comprehensive protection for containers and Kubernetes. Tigera's Calico Cloud is the industry's only container security platform with built-in network security to prevent, detect, troubleshoot, and automatically mitigate exposure risks of security breaches. The company's self-managed service offering, Calico Enterprise, provides high-availability networking and simplified network security for cloud-native applications. Its open-source offering, Calico Open Source, is the most widely adopted container networking and security solution.

Powering more than 100M containers across 8M+ nodes in 166 countries, Calico software is supported across all major cloud providers and Kubernetes distributions, and is used by leading companies including Discover, Chipotle, NBCUniversal, HanseMerkur, Box, Siemens Healthineers, Playtech, Royal Bank of Canada, and Bell Canada.

This News is brought to you by Qube Mark, your trusted source for the latest updates and insights in marketing technology. Stay tuned for more groundbreaking innovations in the world of technology. 

PR Newswire

PR Newswire empowers communicators to identify and engage with key influencers, craft and distribute meaningful stories, and measure the financial impact of their efforts. Cision is a leading global provider of earned media software and services to public relations and marketing communications professionals.