Based on the actual business workload visual display of the access behaviour between containers, clearly show the network topology relationship, convenient for operation and security personnel to understand.
Intra-cluster network segmentation: segmentation strategies based on Namespace, Label, Controller, IP/CIDR can be set.
Inter-cluster network segmentation: segmentation strategies can be set based on clusters and non-container clusters, and between clusters and external networks.
Pure containers and fat containers: provide different segmentation strategies for pure containers and fat containers.
Provide ‘Alert Only’ mode for workloads, which does not issue the actual segmentation strategies, but simulates the issued situation, and provides alerts when deviations from the strategies are detected. With this mode, you can avoid the impact on business due to the segmentation error.
Adapts to Underlay, Overlay, Vxlan, Macvlan, Ovs and many other network architectures.
More than 50,000 adapts to all types of cloud-native environments and supports multiple networks.
Visible workloads and network relationships.
Automatically adapts to east-west and north-south traffic control.
Enables previewing of strategy results and simulating the issuance of segmentation strategies.
Abnormal access alarms and switch control.
The strategy is automatically generated and can be used for emergency response at critical moment.
