Tigera: Kubernetes Security & Networking

At a glance

Category: Security
Best for: Platform engineering teams, Kubernetes security administrators, AI infrastructure leads, Compliance officers in cloud-native environments
Pricing: A free tier is available. Calico Cloud SaaS starts at $0.025 per vCPU hour, and Calico Enterprise uses custom pricing.
Key use cases: AI Workload Governance, Regulatory Compliance, Network Isolation, Multi-Cluster Visibility
Integrations: AWS EKS, Azure AKS, Google GKE, Red Hat OpenShift, SUSE Rancher
Official website: www.tigera.io

Tigera is a networking and security platform designed for Kubernetes environments. It provides tools for microsegmentation and network observability, supporting how workloads communicate across clusters and distributions, including virtual machines and bare metal hosts.

The platform is designed for security teams, platform engineers, and AI teams. It focuses on security through identity-aware policies and provides visibility into network traffic to help troubleshoot communication issues.

Beyond standard networking, the tool includes a governance layer for AI agents, intended to authorize and monitor what autonomous agents are permitted to do. It also supports several compliance frameworks by automating policy enforcement and reporting.

Buyers should confirm which edition they need, as the open-source version differs from the SaaS and Enterprise offerings in terms of observability and support features.

Key Features

eBPF Networking

Uses eBPF for scalable Kubernetes networking and observability with reduced CPU overhead.

Microsegmentation

Isolates workloads based on metadata like labels and namespaces to help prevent lateral movement of threats.

AI Agent Governance (TAG)

Provides authorization controls and visibility into the behavior and access of AI agents.

WireGuard Encryption

Supports transport-level encryption for pod-to-pod traffic using WireGuard tunnels.

Compliance Reporting

Includes support and reporting for PCI DSS, SOC 2, HIPAA, GDPR, and NIST.

Policy-as-Code

Supports integrating security policies into CI/CD pipelines for consistent enforcement.

Use Cases

AI Workload Governance

Managing and authorizing the communication and behavior of AI agents across Kubernetes clusters.

Regulatory Compliance

Using automated policy enforcement and reports to help meet standards like HIPAA or PCI DSS.

Network Isolation

Applying microsegmentation to restrict workload access and help reduce the risk of lateral threat movement.

Multi-Cluster Visibility

Observing and troubleshooting network traffic across different Kubernetes distributions and environments.

Best For

Platform engineering teamsKubernetes security administratorsAI infrastructure leadsCompliance officers in cloud-native environments

Integrations

AWS EKSAzure AKSGoogle GKERed Hat OpenShiftSUSE Rancher

Pricing

A free tier is available. Calico Cloud SaaS starts at $0.025 per vCPU hour, and Calico Enterprise uses custom pricing.

FAQ

What is the difference between the free tier and the SaaS plan?

The Free Tier is limited to one user, one cluster, and 24-hour data retention. The SaaS plan adds threat detection, egress gateways, multi-cluster support, and 7-day log retention.

Does Tigera support compliance frameworks?

Yes, it provides support and reporting for PCI DSS, SOC 2, HIPAA, GDPR, and NIST.

Can this be used for non-Kubernetes workloads?

Yes, the platform is designed to extend network security policies to virtual machines and bare metal servers.

Source category: Security

Source subcategory: Cybersecurity

Categories:

Security

Software Type:

Cybersecurity

How AI is used

Tigera is a Kubernetes networking and security platform for platform and security teams. It supports AI workload governance and microsegmentation across multiple clusters. Paid subscriptions are required for full enterprise features.