Resource Library

Secure Amazon EKS workloads with network security controls under AWS shared security model

Containerized workloads serve as the foundation for cutting-edge applications, ushering in a new era of flexibility, scalability, and inventive solutions. Yet, with the proliferation of the workloads across various clusters, cloud providers, and hybrid setups, the task of safeguarding them has become increasingly complex. Conventional network security approaches tailored for fixed network perimeters are no longer adequate for the dynamic and ever-evolving nature of containerized applications in the Amazon EKS environment.

Calico's container firewall has been specifically designed to cater to the ever-changing security requirements of cloud-native workloads. Implemented as code, the Calico container firewall provides comprehensive visibility, zero-trust based workload access controls, intrusion detection and prevention, and safeguards against threats at the application layer (L7) at workload-level. It equips DevOps, network security and platform teams with a seamless means to protect containerized workloads.