Tigera Elevates Calico with New Features Enhancing Security and Observability for Ingress Traffic

Enhancing Security and Observability with Tigera's Calico

Tigera, the innovator behind Project Calico—the leading solution for container networking and security—has recently announced transformative enhancements aimed at bolstering security and observability for organizations utilizing Kubernetes workloads. With these advancements, Tigera is not only simplifying the operational experience but also significantly reducing the risks associated with ingress traffic.

Advances in Calico's Functionality

On August 26, 2025, the company unveiled a suite of new features that redefine security standards for Kubernetes environments. At the forefront of these enhancements is the integration of a Web Application Firewall (WAF) directly into the Calico Ingress Gateway. Acknowledging that Kubernetes ingress traffic acts as a prime target for cyberattacks, the inclusion of WAF capabilities allows for real-time analysis of application-layer protocols such as HTTP and gRPC. This proactive measure enables organizations to inspect, authorize, and secure ingress traffic, effectively blocking known threats before they can compromise workloads.

Streamlining Security Operations

This integrated WAF functionality not only simplifies operational processes but also centralizes threat detection and management. It empowers organizations to enforce robust security policies at the ingress gateway level, ensuring comprehensive protection for both public and internal services. Such a streamlined approach significantly cuts down the complexity of managing multiple security solutions, allowing teams to operate with enhanced efficiency and speed.

Addressing Policy Management Challenges

Another noteworthy feature introduced is the capacity for Calico Cloud Free Tier to automatically generate network policy recommendations. Many platform teams struggle with a lack of visibility regarding service-to-service communications and interactions between workloads. This often results in the crafting of overly permissive or restrictive policies, creating vulnerabilities. The latest updates allow Calico to analyze generated flow logs, proposing tailored network policies that facilitate namespace isolation and effective segmentation without requiring extensive expertise in the field.

Centralized Logging Solutions

Organizations managing virtual machines (VMs) and bare metal hosts outside of Kubernetes frequently face operational challenges when it comes to log management. Traditional systems require individual authorization and configuration for log forwarding, leading to inefficiencies and elevated costs. The newly launched centralized log forwarding feature addresses this pain point by collecting logs at a single management cluster or a standalone cluster, making the process of forwarding logs to external storage seamless and scalable.

Improved Visualization Tools

User experience is further enhanced through improvements in the Calico Service Graph visualizations. The updated iconography now enables users to differentiate between Kubernetes cluster nodes and those standalone VM/bare metal hosts running Calico outside of Kubernetes. This intuitive design allows for easy filtering and viewing of flow logs associated with these connections, contributing to overall operational clarity.

Phil DiCorpo, Senior Director of Product Management at Tigera, highlights the significance of these advancements: "As organizations scale their Kubernetes environments, many struggle to ensure security due to siloed, disparate solutions used for Kubernetes security. Calico's new capabilities are a testament to our ongoing commitment to delivering a single, comprehensive platform that enables security across every aspect of the customer's Kubernetes journey."

For further details on these new features and how they can impact your organization, visit Tigera's official page.

About Tigera

Tigera is the visionary behind Calico, which is a unified network security and observability platform dedicated to preventing, detecting, and mitigating security breaches within Kubernetes clusters. Calico's open-source version is widely utilized, powering over 100 million containers and supported across major cloud providers and Kubernetes distributions globally. Prominent companies, including Discover, Chipotle, NBCUniversal, and more, trust Tigera's solutions for their container security needs.