Cloud Microsegmentation

A Winning Security Policy

Firewall at Scale

Making Micro-Segmentation Cloud-NativeMicro-segmentation is an emerging practice that is quickly becoming a critical facet of cloud security. Its objective is not only to prevent compromise, but also to deal with what happens after compromise occurs. The purpose of micro-segmentation is to isolate applications and services from one another in order to prevent attackers from achieving their goals. Workload segmentation has always been an effective part of security and micro-segmentation is the evolution of traditional workload segmentation, and, in any of its forms, it offers incomparable security to organizations of all sizes. In today’s complex, hybrid infrastructures, digital assets are expected to behave consistently across a wide range of environments.

  • Multi-Cluster Policy simplification & unification powered by eBPF
  • Microservice Deployment Embedded Policies
  • Expand Istio policy to a workload level segmentation

With micro-segmentation, security policies become part of the “DNA” of a given workload and persist regardless of where and how they are deployed. Alcide’s application-aware micro-segmentation solution offers additional security by helping to secure the application configuration since it looks at behavior patterns of workloads to determine if workloads have been compromised, and then quarantines or terminates those workloads to prevent the spread of malware. It also interconnects with third-party software to grab awareness about what workloads are doing, and how they should be behaving. Alcide application-aware micro-segmentation is more than just manipulating firewalls or preventing the routing of packets.


Introducing Alcide kAudit

Alcide new Kubernetes Audit tool automatically analyses Kubernetes Audit logs, detecting non-compliant and anomalous behaviours of users and automated service accounts as well as anomalous administration operations

Get kAudit