Listing Thumbnail

    Calico Cloud: SaaS networking and network security for Kubernetes

     Info
    Sold by: Tigera Inc. 
    Deployed on AWS
    Calico Cloud is a fully managed pay-as-you-go SaaS based networking, network security, and observability platform for AWS and EKS Kubernetes clusters.

    Overview

    Tigera provides Calico, a unified network security and observability platform to prevent, detect and mitigate security breaches in Kubernetes clusters. The Calico platform is engineered to secure all types of network traffic including egress, ingress, in-cluster and cross-cluster. Calico offers centralized network security management across multiple Kubernetes distributions, for individual and multi-cluster deployments in the cloud or on premises. It facilitates seamless and consistent network policy enforcement, while empowering teams with observability and risk mitigation capabilities.

    Tigera is the creator and maintainer of Calico Open Source, the most widely adopted container networking and security solution. Calico software powers more than 100M containers across 8M+ nodes in 166 countries, and is supported across all major cloud providers and Kubernetes platforms.

    Highlights

    • Network security: Improve network security posture with fine-grained network policies. Limit egress traffic by IPs, domains and IP CIDRs. Automatically identify namespace boundaries and recommend policies for namespace isolation.
    • Egress Gateway: Calico Egress Gateway assigns a static IP address to egress traffic from Kubernetes pod, to facilitate integration with firewalls, and other tools that require a static IP address for identification.
    • Ingress Gateway: Provides a standardized approach to managing Kubernetes ingress traffic using the Gateway API. Integrates Envoy Gateway, hardened for enterprise use, to provide comprehensive security and observability for ingress traffic.

    Details

    Delivery method

    Deployed on AWS

    Unlock automation with AI agent solutions

    Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
    AI Agents

    Features and programs

    Financing for AWS Marketplace purchases

    AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
    Financing for AWS Marketplace purchases

    Pricing

    Calico Cloud: SaaS networking and network security for Kubernetes

     Info
    Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
    Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator  to estimate your infrastructure costs.

    1-month contract (3)

     Info
    Dimension
    Description
    Cost/month
    5 vCPU Subscription
    5 vCPUs billed monthly
    $90.00
    Pro Subscription
    Billed at $0.025/vCPU hour
    $18.00
    10 vCPU Subscription
    10 vCPUs billed monthly
    $180.00

    Additional usage costs (1)

     Info

    The following dimensions are not included in the contract terms, which will be charged based on your usage.

    Dimension
    Cost/unit
    vCPU Hour
    $0.025

    Vendor refund policy

    All fees are non-cancellable and non-refundable except as required by law

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Vendor terms and conditions

    Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Usage information

     Info

    Delivery details

    Software as a Service (SaaS)

    SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

    Resources

    Support

    Vendor support

    24x7 for Calico Cloud Pro. The complete support policy is here: https://www.tigera.io/legal/calico-cloud-support-policy . calicocloud-support@tigera.io 

    AWS infrastructure support

    AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

    Product comparison

     Info
    Updated weekly

    Accolades

     Info
    Top
    10
    In Security
    Top
    10
    In Healthcare & Life Sciences

    Customer reviews

     Info
    Sentiment is AI generated from actual customer reviews on AWS and G2
    Reviews
    Functionality
    Ease of use
    Customer service
    Cost effectiveness
    Positive reviews
    Mixed reviews
    Negative reviews

    Overview

     Info
    AI generated from product descriptions
    Network Policy Management
    Fine-grained network policy enforcement across Kubernetes clusters with support for egress, ingress, in-cluster, and cross-cluster traffic control
    Traffic Segmentation
    Automatic identification and isolation of namespace boundaries with granular traffic limitation by IP addresses, domains, and IP CIDRs
    Egress Traffic Control
    Static IP address assignment for egress traffic from Kubernetes pods to enable integration with external firewalls and security tools
    Gateway Management
    Standardized ingress traffic management using Gateway API with integrated Envoy Gateway for enterprise-grade security
    Multi-Cluster Security
    Centralized network security management across multiple Kubernetes distributions in cloud and on-premises environments
    Threat Detection
    Advanced intrusion detection and prevention system with behavioral analysis and predictive machine learning capabilities
    Container Security
    Native security controls for Docker containers with automated protection and application control mechanisms
    Workload Protection
    Host-based security solution supporting both Windows and Linux environments with comprehensive vulnerability shielding
    Integrity Monitoring
    File and system integrity monitoring with real-time detection of unauthorized changes and configuration drifts
    Multi-Environment Support
    Security platform compatible with physical, virtual, and cloud infrastructure with flexible deployment options
    Cloud Security Posture Management
    Continuous scanning of cloud environments to identify assets, assess security and compliance settings, and detect potential malicious activities with integration to AWS GuardDuty and SecurityHub
    Endpoint Protection
    Advanced agent-based protection against malware, fileless threats, and ransomware for Windows and Linux hosts in cloud environments
    Threat Detection and Response
    24/7 managed detection and response service leveraging telemetry from multiple security solutions including endpoint, firewall, network, email, and identity platforms
    Cloud Workload Protection
    Security agents designed to protect cloud-based Windows and Linux hosts against modern cyber threats including ransomware
    Network Security
    Cloud edge firewall solution providing network visibility, protection, and response across public, private, and hybrid cloud environments using cloud native, virtual, and physical appliances

    Contract

     Info
    Standard contract
    No
    No
    No

    Customer reviews

    Ratings and reviews

     Info
    0 ratings
    5 star
    4 star
    3 star
    2 star
    1 star
    0%
    0%
    0%
    0%
    0%
    0 AWS reviews
    |
    37 external reviews
    Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
    Erick Vincent Steve G.

    A powerful Cloud Native Security Solution

    Reviewed on Jul 20, 2025
    Review provided by G2
    What do you like best about the product?
    What I like best about Calico Cloud is its deep integration with Kubernetes and its strong support for eBPF, which enables high-performance networking and observability. The user interface is intuitive, and the policies are easy to configure using either YAML or the GUI. It also supports zero-trust security models out of the box, which is essential in modern cloud-native environments.
    What do you dislike about the product?
    One downside of Calico Cloud is that the initial setup.
    What problems is the product solving and how is that benefiting you?
    Calico Cloud helps us improve container security and stay compliant with cloud regulations. It lets us create network policies to control traffic between pods, monitor activity, and detect threats in real time. This makes it easier to secure our workloads and meet compliance standards like PCI and SOC 2.
    Architecture & Planning

    Robust Kubernetes Security with Room for Improvement

    Reviewed on Jul 18, 2025
    Review provided by G2
    What do you like best about the product?
    Calico Cloud excels in providing enterprise-grade security features for Kubernetes environments. The platform offers exceptional network policy management and real-time visibility into container traffic. I particularly appreciate the intuitive policy builder that helps create and implement zero-trust security models. The live troubleshooting tools are invaluable for diagnosing connectivity issues, and the integration with existing cloud platforms is seamless. The dynamic threat detection and automated security controls have significantly improved our cluster security posture.
    What do you dislike about the product?
    The initial setup and configuration process can be challenging for teams without extensive Kubernetes expertise. The documentation, while comprehensive, could be more user-friendly with better examples and use cases. Some advanced features require considerable fine-tuning to work optimally, which can be time-consuming.
    What problems is the product solving and how is that benefiting you?
    The pricing structure could be more transparent, and the cost can be significant for larger deployments. Additionally, the UI occasionally feels sluggish when handling multiple clusters, and some error messages could be more descriptive to help with troubleshooting.
    VIJAY H.

    Evaluating Calico Cloud: Secure, Scalable, and Kubernetes-Ready

    Reviewed on Jul 16, 2025
    Review provided by G2
    What do you like best about the product?
    Calico Cloud enforces identity-aware microsegmentation and least-privilege access by default. It doesn’t just rely on IPs—workload identity (like Kubernetes labels and service accounts) is used to define policies. This helps achieve zero-trust security across clusters and clouds.
    What do you dislike about the product?
    Despite having a clean UI, the underlying concepts (like eBPF, policy tiers, workload identities) can be challenging for teams new to Kubernetes networking and security. Proper onboarding/training is often needed.
    What problems is the product solving and how is that benefiting you?
    Lack of Fine-Grained Network Security in Kubernetes

    > Solution: Calico Cloud allows me to define fine-grained, identity-based network policies that go beyond IP addresses — using labels, namespaces, and service accounts to tightly control traffic between workloads.
    Yashavant N.

    Review for calico cloud

    Reviewed on Jul 16, 2025
    Review provided by G2
    What do you like best about the product?
    I like how Calico Cloud provides strong zero-trust security and deep observability for Kubernetes workloads.
    What do you dislike about the product?
    I dislike that some advanced features are only available in the paid version, limiting open-source flexibility.
    What problems is the product solving and how is that benefiting you?
    Securing Kubernetes workloads in production.
    Paras D.

    Reliable cloud platform with solid support

    Reviewed on Jul 16, 2025
    Review provided by G2
    What do you like best about the product?
    What I like best about Calico Cloud is its strong focus on security and observability. The way it integrates with Kubernetes for network policies and zero-trust security feels seamless. Plus, the real-time visibility into workloads and traffic flows is super helpful for debugging and compliance.
    What do you dislike about the product?
    The UI can feel a bit overwhelming at first, especially for new users. There’s definitely a learning curve if you’re not already familiar with Kubernetes networking concepts. Also, some advanced features could use more detailed documentation or tutorials.
    What problems is the product solving and how is that benefiting you?
    Calico Cloud helps us secure and manage Kubernetes workloads with fine-grained network policies and zero-trust security. It simplifies enforcing security at scale, especially across multiple clusters. The built-in observability tools also give us better insights into traffic patterns and potential vulnerabilities, which helps us troubleshoot faster and stay compliant.
    View all reviews