Listing Thumbnail

    Calico Cloud: SaaS for active security for cloud-native applications

     Info
    Sold by: Tigera Inc. 
    Calico Cloud is a fully managed pay-as-you-go SaaS based Cloud-Native Application Protection Platform (CNAPP) with full-stack observability for containers, Kubernetes, and cloud on AWS and EKS clusters.
    Listing Thumbnail

    Calico Cloud: SaaS for active security for cloud-native applications

     Info
    Sold by: Tigera Inc. 

    Overview

    Calico Cloud enables organizations to prevent attacks using zero trust, and to detect, troubleshoot, and automatically remediate exposure risks from security issues in build, deploy, and runtime stages across multi-cloud and hybrid deployments. It works across multiple dataplanes starting from eBPF, Linux, Windows, VPP. Calico Cloud is built on Calico Open Source, the most widely adopted container networking and security solution.

    • Container Security: Protect containers during development and production. Reduce attack surface with vulnerability and misconfiguration detection. Provide runtime protection from known threats and zero-day vulnerabilities.

    • Zero-trust workload security: Reduce attack surface with zero-trust workload access and identity-aware microsegmentation. Prevent ransomware, APTs, and DDoS attacks with Calico Cloud workload-level security controls.

    • Compliance: Cloud-native application compliance for major standards. Continuously monitor compliance with daily, weekly, and monthly audit reports.

    • Observability & Troubleshooting: Monitor and troubleshoot service performance in real time. In case of a breach or vulnerability, get instant granular information on compromised services and evaluate blast radius.

    Highlights

    • Reduce attack surface with zero trust: - Enabling users to enforce zero-trust workload access - Identity-aware micro-segmentation for workloads - Universal Firewall integration - Envoy-based application-level security
    • Detect known and unknown threats: - Protect workloads from container and network based threats - Workload-based WAF, IDS/IPS with Deep packet inspection, DDoS attack protection - ML-based Zero-day workload threat identification - Vulnerabilities and Malware protection
    • Automatic risk mitigation: - Dynamic Service and Threat Graph - Dynamic Packet Capture - Security policy recommender - Admission Controller - Security Policies to Alert, Pause, Quarantine, Terminate

    Details

    Delivery method

    Pricing

    Calico Cloud: SaaS for active security for cloud-native applications

     Info
    Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for any usage exceeds the entitle amount or not covered in the contract. These charges will be applied on top of the contract price. If you choose not to renew or replace your contract before it ends, access to your entitlements will expire.

    1-month contract (3)

     Info
    Dimension
    Description
    Cost/month
    Free Trial Subscription
    First month free, Cancel Anytime
    $0.00
    Pro Subscription
    Billed at $0.08/node hour and includes 200GB of ingested log data
    $58.00
    Starter Subscription
    Billed at $0.05/node hour and includes 100GB of ingested log data
    $36.50

    Additional usage costs (3)

     Info

    The following dimensions are not included in the contract terms, which will be charged based on your usage.

    Dimension
    Cost/unit
    Pro Node Hour (Up to 4 vCPU in each node)
    $0.08
    Starter Node Hour (Up to 4 vCPU in each node)
    $0.05
    Additional Ingested Log Data per GB
    $0.25

    Vendor refund policy

    All fees are non-cancellable and non-refundable except as required by law

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Resources

    Support

    Vendor support

    24x7 for Calico Cloud Pro. 8:00 am - 5:00 pm PT on US business days for Starter. The complete support policy is here: https://www.tigera.io/legal/calico-cloud-support-policy . calicocloud-support@tigera.io 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Similar products

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    23 external reviews
    External reviews are sourced from G2  and are not included in the star rating for this product.
    Financial Services

    Security at its finest

    Reviewed on Oct 01, 2024
    Review provided by G2
    What do you like best about the product?
    It is an easy and customizable way to use cloud based orchestration Kubernetes and to hae workflow editors to scale up, scale out, and focus on devsecops, Ioc's and malicious threat actors. This is thought of and done in the perspective of devsecops and cloud practitioners.
    What do you dislike about the product?
    Nothing - it is easy to use and not very hard to get value in time.
    What problems is the product solving and how is that benefiting you?
    Using Kubernetes in the form of devsecops and container runtime. Also cloud security posture management has been an important area.
    Computer & Network Security

    Sr. DevOps Engineer

    Reviewed on Sep 24, 2024
    Review provided by G2
    What do you like best about the product?
    It is providing all insights in one place, you can visualize your data flowing and troubleshoot your network policy easily. Easy of implementation, customer support is very reliable,
    What do you dislike about the product?
    I can see other CNI vendors are using latest technologies but calico still using iptables. which makes your network slow in comparison to eBPF.
    What problems is the product solving and how is that benefiting you?
    It shows visibility of your network policies, and which make it easy to debug, because without it debug network blocked policy is nightmare.
    Internet

    Great solution for managing network policy and image scanning

    Reviewed on Jul 31, 2024
    Review provided by G2
    What do you like best about the product?
    The network policy recommendations are a great feature and provide an excellent starting point for policy generation. The network observability tool combined with the Kibana logs provides full visibility into what is happening with respect to allowed and denied traffic throughout the cluster. Calico Cloud makes managing network policy vastly easier. Tigera support is great; they have been very responsive.
    What do you dislike about the product?
    The pricing model is based on core counts, making it rather expensive both for compute-heavy clusters and for clusters that have a large number of smaller nodes. Registry scanning could be better integrated into the product.
    What problems is the product solving and how is that benefiting you?
    Calico Cloud enables us to easily view and manage network policy, and provides container image scanning within our clusters.
    Edmond G.

    Great Container Security Solution with zero trust security approach

    Reviewed on Jul 30, 2024
    Review provided by G2
    What do you like best about the product?
    Calico Cloud addressed various security challenges for container platform, it extended l7 network policy capabilities with powerful & fleaxible configuration options and by default support zero trust security model. This helps us to be able to manage calico configurations via both gitops platform & application ci/cd processes in a secure way to meet requirements from vairous teams without many operation overheads. This helps boost the team efficiency.

    It's a painless implementation process and easy quick to setup. Calico Cloud offers full package of container security features, e.g. runtime security, intrution detections, in-cluseter waf, observability, etc. more than just advanced network policy.

    Tigera support is knowledgable and the provided training videos help quickly get familiar with its observability tooling and troubleshooting processes.
    What do you dislike about the product?
    alerting & 3-rd party integrations hopefully can be improved.
    network policy constructions user experience requires lots of domain knowledge, this might be difficult for beginners.
    wireguard & l7 logging configs conflicts happened before, hopefully it will be resolved in the near future.
    the dashboard has lots of information and might be confusing when you use it at the begining, it's a bit complex to use it and understand the end to end troubleshooting process
    What problems is the product solving and how is that benefiting you?
    protect N-S, W-E traffic and adding observabilities and container runtime protections
    Ed M.

    A very good CNI solution, with some shortcomings

    Reviewed on Jul 11, 2024
    Review provided by G2
    What do you like best about the product?
    Calico Cloud is a great CNI solution, versatile regarding the supported protocols it will easily scale in most cloud, hybrid, and on-prem deployments. The BGP backend makes it easier to manage routes at scale, and it can integrate with BGP-only layer 3 datacenter fabrics as well.

    Installation is quick, and thanks to a well-documented set of CRD resources, configuration is also pretty straightforward.

    Calico also bundles the whole Tigera security/observability suite, which comes in handy to write more complex network policies which extend to hosts. The built-in manager web UI is also useful to quickly visualise what policies are deployed in any environment.
    What do you dislike about the product?
    There are some shortcomings with some of the enterprise features, some of them suffer from small bugs which still have not been solved. Although support is quick to react, it can take a long time to obtain a proper bug fix in a next release.

    The current network policy implementation, although solid, also suffers from limitations in terms of the selectors, which can lead to some rather complex workarounds. Also, the manager web UI is very limited and will not help a lot when troubleshooting denied flows. Most of the time, learning to use Kibana which is part of the installation and writing KQL queries will be more useful.

    Although installation is easy, uninstalling Calico can be a bit difficult as the Tigera operator does not clean the installed resources. You will have to locate the remnants yourself, and delete them.
    What problems is the product solving and how is that benefiting you?
    Calico Cloud enables us to extend Kubernetes network policies, and unify the network security operations under a single Kubernetes-based declarative worflow. It provides a way to author, deploy, manage, and monitor security policies in any Kubernetes cluster.
    View all reviews