Ensure secure virtual networking with Project Calico

**Project Calico**
Managing cloud-native networks is not the same as networks in an on-premise environment

Cloud-based networks have a different set of challenges that require a specialized solution

You need specialized tools to manage networks running Kubernetes applications

Project Calico is a free and open-source network security solution for cloud-native applications

It is used to manage network policies for containers, VMs, and native host-based workloads

**Dig Deeper**
Calico primarily offers network connectivity and security policy enforcement between workloads

Perimeter firewalls are a big loophole in network security

If the perimeter firewall is breached, the entire system is open to attack

Rather than having a perimeter firewall, Calico creates micro-firewalls around each service

This way, even if one service is breached, the rest of the system stays secure

This project has multiple data planes, such as a Linux eBPF and a Windows HNS data plane

Calico supports several platforms such as Kubernetes, Docker EE, OpenStack, OpenShift, and bare metal services

**Deployment options**
It supports a broad range of deployment options via using modular components like

* CNI plugins for Kube

* Neutron ML2 plugin (for VM networking for OpenStack)

* Felix (a policy engine)

* BGP routing stack

* Calicoctl (a simple command-line interface)

* Non-overlay and overlay networking options

**Key features**

It offers features such as visibility & troubleshooting, self-service security, zero-trust security Users also get cloud micro-segmentation, intrusion detection, and multi-tenancy

It also provides advanced egress access controls, extended firewalls, and additional security controls

If you are looking for virtual network security that scales data centers, and cloud-native, Calico is the way to go

To know more about Project Calico and related topics, please visit www.TwainTaylor.com

source by Twain Taylor

openstack