Tigera strengthens real-time intrusion detection and prevention with container firewalls
Tigera latest release of Calico Cloud and Calico Enterprise further strengthens its unified platform for cloud-native application security and observability by introducing real-time intrusion detection and prevention, integration with the Palo Alto Networks’ Panorama firewall management platform, and dynamic packet capture for troubleshooting microservices.
Calico’s Container Firewall adds new intrusion detection and prevention capabilities based on Snort signatures and improves security through the use of automated, real-time anomaly detection, enabling users to identify, quarantine and resolve issues.
With the integration, Panorama can now authorize access to Kubernetes workloads and endpoints managed by Calico Enterprise, without having to create new, customized operational workflows, which is complex and time-consuming. Workload access controls in Panorama can be leveraged to provide granular access controls to microservices and applications running in Kubernetes deployment that are using Calico Enterprise. The integration enables platform and security teams to use Panorama as a centralized view to manage and secure resources.
Calico’s new dynamic packet capture feature in dynamic service graph greatly simplifies troubleshooting of microservices to four steps, reducing issue resolution time from hours to minutes.
“We’re introducing a new level of simplicity for observing and troubleshooting microservices, along with higher levels of security for cloud-native applications,” said Amit Gupta, vice president of business development and product management, Tigera. “Calico can now detect real-time threats based on signatures and malicious activity so that users can take corrective action immediately. Panorama users strengthen their overall security to Kubernetes environment automatically while reducing complexity, and no additional cost for them. The new dynamic packet capture functionality is the first of its kind for cloud-native applications, providing point-and-click simplicity to capture network packets across dynamic, distributed and ephemeral environments.”