Calico Enterprise 3.21 (early preview) documentation

Calico product editions

Open-source networking and security for containers and Kubernetes

Observability & policy management for a single cluster

SaaS platform for Kubernetes networking and security

Self-managed platform for Kubernetes networking and security

Which product edition is right for me?

My needs	Calico product edition
I want open source, best-in-class networking, network security, and observability capabilities that can work across any Kubernetes distribution, for free.	Calico Open Source Get Started
I’m a Calico Open Source user who wants to leverage some of the improved observability and policy management capabilities that are available in Calico Cloud, for free.	Calico Cloud Free Sign up
My organization wants a fully managed SaaS platform for network security and observability.	Calico Cloud Get Started
My organization wants a self-managed platform for network security and observability.	Calico Enterprise Get Started

Feature comparison matrix

	Calico Open Source	Calico Cloud Free Tier*	Calico Cloud	Calico Enterprise
Management and Support
Mutli-cluster security controls management
Data retention	In-memory	24 hours	7 days	Unlimited
Number of clusters	Unlimited	One	Unlimited	Unlimited
Number of users	N/A	One	Unlimited	Unlimited
Support and maintenance	Community-driven	Community-driven	Standard/Business	Standard/Business
Networking
High performance, scalable pod networking
Advanced IP address management
Direct infrastructure peering without the overlay
eBPF data plane
Windows data plane
nftables data plane
iptables data plane
VPP data plane
Multiple Calico networks on a pod
Dual ToR peering
Ingress gateway
Egress gateway
Cluster mesh
Network Security
Seamless support for Kubernetes network policy
Label-based policies for K8s and non-K8s workloads
Namespace and cluster-wide scope
Global default deny policy design
Application layer policy
Policy for services
Policy board		View only
DNS/FQDN-based policy
Hierarchical tiered network policy
Policy recommendations		Manual workflow
Staged network policy
Preview staged policies
Network sets to limit IP ranges for egress and ingress traffic to workloads
Data-in-transit encryption
Universal firewall integration
Workload-based IDS/IPS
Deep packet inspection
DDoS protection
Workload-centric WAF
Compliance reporting and alerts
SIEM integrations
Network Security for VMs and Bare Metal
Restrict traffic to/from hosts and VMs using network policy
Automatic host endpoints
Apply policy to host-forwarded traffic
Observability
Flow logs API
Calico Whisker web console
Dynamic service and threat graph
Application level observability
Dynamic packet capture
Flow visualizer
Logs (flow)
Logs (http traffic, audit, bgp, dns, events)
Dashboards		**
Alerts

* Calico Cloud Free requires a cluster with Calico Open Source 3.30 or higher.

** Calico Cloud Free includes some of the dashboards that are available in Calico Cloud and Calico Enterprise.

How to get started with Calico

Calico powers 100M+ containers across 8M+ nodes in 166 countries, and is supported across all major cloud providers and Kubernetes distributions.

Ready to get started?

Start a free trial or request a demo to see Calico in action.

Installation guides

How to engage

Learning resources

Blog
Certifications (self-paced)
Product tutorials (self-paced)
Learn guides
Webinars and workshops (live and on demand)
Resources

Get involved

Calico Open Source Community
GitHub
- Project Calico
- Tigera

Get in touch

Slack (Calico Open Source users)
YouTube (@ProjectCalico)
LinkedIn
- Tigera
- Project Calico
Twitter
- Tigera
- Project Calico
Contact us

Calico Open Source

Calico Cloud Free

Calico Cloud

Calico Enterprise

Which product edition is right for me?​

Feature comparison matrix​

How to get started with Calico​

Ready to get started?​

Installation guides​

How to engage​

Learning resources​

Get involved​

Get in touch​