Threat defense

🗃️ Anomaly detection

2 items

📄️ Trace and block suspicious IPs

Add threat intelligence feeds to trace network flows of suspicious IP addresses, and optionally block traffic to them.

📄️ Trace and alert on suspicious domains

Add threat intelligence feeds to trace DNS queries that involve suspicious domains.

📄️ Trace and block suspicious external IP addresses

Use flow logs to trace external IP addresses that access clusters.

📄️ Anonymization attacks

Detect and analyze malicious anonymization activity using Tor-VPN feeds.

🗃️ Honeypods

2 items

📄️ Deep packet inspection

Monitor live traffic for malicious activities.

📄️ Workload-based Web Application Firewall (WAF)

Configure Calico to use with Layer 7 Web Application Firewall.