Effortless Confidentiality and Integrity
How can I encrypt traffic on my clusters, without an operational headache?
- Encryption is required for many compliance frameworks.
- However, there's no native pod-to-pod encryption with Kubernetes
- Typical solutions are 1) embedding encryption in the application or 2) use a service mesh
- Embedding encryption within an app is too complicated and requires app and security domain expertise,
- Most Service Mesh implementations come are very complex and hard to manage and operate
Cilium Network Security
- Simple “one switch to flip” to enable. Non application changes required.
- Automatic key rotation with support for overlapping keys.
- Efficient datapath encryption using in-kernel IPsec or WireGuard®. No proxy required.
- All node traffic encrypted, including non-standard traffic like UDP.
- Works in conjunction with Cilium Cluster Mesh and VM connectivity.
- Works across all public and private clouds.
Effectively secure the data plane
- Meet compliance requirements: standards such as PCI require encryption of data in transit.
- Secure traffic on shared hardware and networks like public or private clouds.
- Enable secure operations during migration, encrypting traffic between cloud native and traditional workloads.
- Safely use apps with non-standard traffic requirements.
Transparent Encryption Demo with WireGuard
In Episode 3 of the regular livestream covering all things related to eBPF and Cilium, Martynas Pumputis introduces WireGuard and explains how Wireguard on Cilium can be used to encrypt network traffic.
Want to learn more?
There is plenty more material available if you'd like to learn more.
Start a Lab
Step through our interactive labs in a sandbox environment.Start a Lab
Engage with the Isovalent sales team to assess an enterprise-grade deployment of Cilium.Contact Sales
Request a Demo
Request a personalized live demo with an Isovalent Cilium Enterprise expert.Request a Demo