Product
Enterprise-class eBPF-powered Networking, Observability, and Security.
Cilium Enterprise
Our philosophy
Cilium open source
Cilium Open Source provides eBPF-based networking, observability, and security with optimal scale and performance for platform teams operating Kubernetes environments across cloud and on-prem infrastructure.
Cilium enterprise
Cilium Enterprise addresses the complex workflows related to security automation, forensics, compliance, role-based access control, and integration with legacy infrastructure that arise as platform teams engage with application and security teams within an enterprise organization.
Cilium Enterprise
Our offering
Secure & Scalable Connectivity
- Zero-Trust Network Policy
- High-Performance Load Balancing
- Multi-cluster Connectivity
- Transparent Encryption
Security Compliance & Forensics
- Identity-Aware Event SIEM Export
- Network Flow Visibility
- Workload Runtime Visibility
- Compliance Monitoring
Application Team Troubleshooting & Policy Workflows
- Multi-tenant Connectivity Data + Metrics
- Historical Data Views + Analytics
- Simplified Network Policy Creation
- Automated Network Policy Approvals
Secure & Scalable Connectivity
The Problem
Platform teams pride themselves on providing the highest performance, most scalable infrastructure. Thanks to eBPF, Cilium Enterprise delivers the most modern networking and security solution – the scalability and performance you need without the compromises required by other solutions.
Our Solution
Whether you have 50 pods or 100K, Cilium effortlessly forwards traffic, balances load, and monitors your infrastructure. Highly tested, fully backported, and backed by 24/7 support from the builders of eBPF and Cilium, you can trust your most important workloads to Cilium Enterprise.
Security Compliance & Forensics
The Problem
Traditional approaches to network security visibility provide little help when performing incident investigations, compliance monitoring, or threat detection for Kubernetes workloads. These tools operate only at the network perimeter, missing the vast majority of service-to-service communications and rely heavily on IP and port-based flow logs. Since Kubernetes workloads are highly ephemeral, IP-based logs fail to reliably identify the team or service that initiated or received a network connection. Simply knowing the port of connection is insufficient, as you also need to know whether the connection was allowed/denied, properly encrypted, and need the contents of higher level protocols (e.g. HTTP headers).
Our Solution
The power of eBPF gives Cilium a uniquely powerful and efficient vantage point for security visibility that combines network and runtime behavior, with full Kubernetes identity to provide a single source of data for cloud native forensics, audit, compliance monitoring and threat detection integrated into your SIEM/log aggregation platform of choice.
Application Team Troubleshooting & Policy Workflows
The Problem
As application teams architect and run highly distributed API-driven services in Kubernetes, visibility into network connectivity behavior is critical to running production-grade services. Kubernetes, however, provides little visibility into the network behavior of the workloads it runs as pods. Traditional IP-based network monitoring tools don’t really help, given that ephemeral Pod IPs do not identify the services that are impacted, and lack the ability to restrict an application team’s view of this data to only the data relevant to their application. The end result is that Kubernetes platform teams are often pulled in to assist.
Our Solution
Cilium Enterprise provides simple “self-service” tools for monitoring, troubleshooting, and security workflows in Kubernetes. Each application team is given access to both current and historical views of flow data, metrics, and visualizations for their specific namespaces, helping them to easily understand if network connectivity issues are impacting their application health. Additionally, using a combination of this historical connectivity data and information about InfoSec policies, a suite of tools automates the creation and approval of network policies, allowing it to be an integrated part of the application teams CI/CD process.
Cilium Editions
Cilium Community
Features that are part of the open source Cilium community codebase.
Cilium Enterprise
Hardened & supported
distribution of Cilium plus advanced observability and security workflows.
Core Secure & Scalable Connectivity
Advanced Secure & Scalable Connectivity
Ops-Centric Connectivity Observability
Application Team Troubleshooting & Policy Workflows
SecOps Observability Workflows
Enterprise Distribution & Support
