Ensure secure virtual networking with Project Calico
**Project Calico**
Managing cloud-native networks is not the same as networks in an on-premise environment
Cloud-based networks have a different set of challenges that require a specialized solution
You need specialized tools to manage networks running Kubernetes applications
Project Calico is a free and open-source network security solution for cloud-native applications
It is used to manage network policies for containers, VMs, and native host-based workloads
**Dig Deeper**
Calico primarily offers network connectivity and security policy enforcement between workloads
Perimeter firewalls are a big loophole in network security
If the perimeter firewall is breached, the entire system is open to attack
Rather than having a perimeter firewall, Calico creates micro-firewalls around each service
This way, even if one service is breached, the rest of the system stays secure
This project has multiple data planes, such as a Linux eBPF and a Windows HNS data plane
Calico supports several platforms such as Kubernetes, Docker EE, OpenStack, OpenShift, and bare metal services
**Deployment options**
It supports a broad range of deployment options via using modular components like
* CNI plugins for Kube
* Neutron ML2 plugin (for VM networking for OpenStack)
* Felix (a policy engine)
* BGP routing stack
* Calicoctl (a simple command-line interface)
* Non-overlay and overlay networking options
**Key features**
It offers features such as visibility & troubleshooting, self-service security, zero-trust security Users also get cloud micro-segmentation, intrusion detection, and multi-tenancy
It also provides advanced egress access controls, extended firewalls, and additional security controls
If you are looking for virtual network security that scales data centers, and cloud-native, Calico is the way to go
To know more about Project Calico and related topics, please visit www.TwainTaylor.com
by Twain Taylor
openstack
