Enterprise-class eBPF-powered Networking, Observability, and Security.
Cilium Open Source provides eBPF-based networking, observability, and security with optimal scale and performance for platform teams operating Kubernetes environments across cloud and on-prem infrastructure.
Cilium Enterprise addresses the complex workflows related to security automation, forensics, compliance, role-based access control, and integration with legacy infrastructure that arise as platform teams engage with application and security teams within an enterprise organization.
Platform teams pride themselves on providing the highest performance, most scalable infrastructure. Thanks to eBPF, Cilium Enterprise delivers the most modern networking and security solution – the scalability and performance you need without the compromises required by other solutions.
Whether you have 50 pods or 100K, Cilium effortlessly forwards traffic, balances load, and monitors your infrastructure. Highly tested, fully backported, and backed by 24/7 support from the builders of eBPF and Cilium, you can trust your most important workloads to Cilium Enterprise.
Traditional approaches to network security visibility provide little help when performing incident investigations, compliance monitoring, or threat detection for Kubernetes workloads. These tools operate only at the network perimeter, missing the vast majority of service-to-service communications and rely heavily on IP and port-based flow logs. Since Kubernetes workloads are highly ephemeral, IP-based logs fail to reliably identify the team or service that initiated or received a network connection. Simply knowing the port of connection is insufficient, as you also need to know whether the connection was allowed/denied, properly encrypted, and need the contents of higher level protocols (e.g. HTTP headers).
The power of eBPF gives Cilium a uniquely powerful and efficient vantage point for security visibility that combines network and runtime behavior, with full Kubernetes identity to provide a single source of data for cloud native forensics, audit, compliance monitoring and threat detection integrated into your SIEM/log aggregation platform of choice.
As application teams architect and run highly distributed API-driven services in Kubernetes, visibility into network connectivity behavior is critical to running production-grade services. Kubernetes, however, provides little visibility into the network behavior of the workloads it runs as pods. Traditional IP-based network monitoring tools don’t really help, given that ephemeral Pod IPs do not identify the services that are impacted, and lack the ability to restrict an application team’s view of this data to only the data relevant to their application. The end result is that Kubernetes platform teams are often pulled in to assist.
Cilium Enterprise provides simple “self-service” tools for monitoring, troubleshooting, and security workflows in Kubernetes. Each application team is given access to both current and historical views of flow data, metrics, and visualizations for their specific namespaces, helping them to easily understand if network connectivity issues are impacting their application health. Additionally, using a combination of this historical connectivity data and information about InfoSec policies, a suite of tools automates the creation and approval of network policies, allowing it to be an integrated part of the application teams CI/CD process.
Features that are part of the open source Cilium community codebase.
Hardened & supported
distribution of Cilium plus advanced observability and security workflows.
Core Secure & Scalable Connectivity
Advanced Secure & Scalable Connectivity
Ops-Centric Connectivity Observability
Application Team Troubleshooting & Policy Workflows
SecOps Observability Workflows
Enterprise Distribution & Support