Sold by: Tigera Inc.
Deployed on AWS
Calico Cloud is a fully managed pay-as-you-go SaaS based networking, network security, and observability platform for AWS and EKS Kubernetes clusters.
4.5
Overview
Tigera provides Calico, a unified network security and observability platform to prevent, detect and mitigate security breaches in Kubernetes clusters. The Calico platform is engineered to secure all types of network traffic including egress, ingress, in-cluster and cross-cluster. Calico offers centralized network security management across multiple Kubernetes distributions, for individual and multi-cluster deployments in the cloud or on premises. It facilitates seamless and consistent network policy enforcement, while empowering teams with observability and risk mitigation capabilities.
Tigera is the creator and maintainer of Calico Open Source, the most widely adopted container networking and security solution. Calico software powers more than 100M containers across 8M+ nodes in 166 countries, and is supported across all major cloud providers and Kubernetes platforms.
Highlights
- Network security: Improve network security posture with fine-grained network policies. Limit egress traffic by IPs, domains and IP CIDRs. Automatically identify namespace boundaries and recommend policies for namespace isolation.
- Egress Gateway: Calico Egress Gateway assigns a static IP address to egress traffic from Kubernetes pod, to facilitate integration with firewalls, and other tools that require a static IP address for identification.
- Ingress Gateway: Provides a standardized approach to managing Kubernetes ingress traffic using the Gateway API. Integrates Envoy Gateway, hardened for enterprise use, to provide comprehensive security and observability for ingress traffic.
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
5 vCPU Subscription | 5 vCPUs billed monthly | $90.00 |
Pro Subscription | Billed at $0.025/vCPU hour | $18.00 |
10 vCPU Subscription | 10 vCPUs billed monthly | $180.00 |
Dimension | Cost/unit |
|---|---|
vCPU Hour | $0.025 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
24x7 for Calico Cloud Pro. The complete support policy is here: https://www.tigera.io/legal/calico-cloud-support-policy . calicocloud-support@tigera.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Trend Micro
By Sophos
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Network Policy Enforcement
Fine-grained network policies that limit egress traffic by IPs, domains, and IP CIDRs with automatic namespace boundary identification and policy recommendations for namespace isolation.
Egress Traffic Management
Egress Gateway functionality that assigns static IP addresses to egress traffic from Kubernetes pods for integration with firewalls and tools requiring static IP identification.
Ingress Traffic Management
Ingress Gateway using Gateway API standard with integrated Envoy Gateway for comprehensive security and observability of ingress traffic.
Multi-Cluster Network Security
Centralized network security management across multiple Kubernetes distributions supporting individual and multi-cluster deployments in cloud and on-premises environments.
Network Observability and Risk Mitigation
Observability and risk mitigation capabilities for detecting and mitigating security breaches across all types of network traffic including egress, ingress, in-cluster, and cross-cluster communication.
Intrusion Detection and Prevention
Host-based intrusion detection and prevention (IDS/IPS) capabilities to defend against network threats and zero-day exploits
Application Control
Application control functionality to lock down servers and secure Docker containers with DevOps-friendly API security processes
Malware Protection
Anti-malware protection with behavioral analysis and predictive machine learning for Windows and Linux workloads
Integrity Monitoring
File and System Integrity Monitoring to streamline compliance and audit evidence gathering
Vulnerability Exploitation Prevention
Vulnerability exploit shielding to prevent exploitation of unpatched systems without requiring live system patching
Threat Detection and Response
Automatic threat detection and neutralization with 99.98% threat interception rate, supported by 24/7 managed detection and response service with threat hunting and neutralization experts
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, detect malicious activity, and identify misconfigurations with agentless malware scanning for S3 storage and integration with AWS GuardDuty and SecurityHub
Endpoint and Workload Protection
Agent-based protection for Windows and Linux hosts against modern threats including ransomware, fileless attacks, and advanced malware
Network and Firewall Protection
Cloud-native, virtual, and physical firewall appliances providing network visibility, protection, and response across public, private, and hybrid cloud environments
Unified Management and Orchestration
Cloud-based centralized management platform enabling configuration, reporting, and real-time threat information sharing across endpoint, firewall, network, email, cloud, and identity solutions with automatic response actions
Standard contract
No
No
No
Customer reviews
Mario Rodríguez Hernández
Centralized service mesh visibility has strengthened our security and simplified audit readiness
Reviewed on Jun 18, 2026
Review from a verified AWS customer
What is our primary use case?
My main use case for Calico Cloud is network and security management in EKS.
I set up a service mesh on EKS while using Calico Cloud , which provides all the observability and graphical interface needed to manage communication between the different services and to the outside.
It greatly facilitates management and allows in the future to connect it with other Kubernetes clusters that are not EKS without having to use proprietary tools from each cloud.
What is most valuable?
I consider the best features offered by Calico Cloud to be portability and its graphical interface.
Since Calico Cloud is a portable tool that can work with different types of Kubernetes clusters, it greatly facilitates deployment in different projects, having people trained on that tool and not having to train them on different tools. In addition, since it has a simple graphical interface, it is very easy for new technicians to learn.
Calico Cloud has positively impacted my organization by improving the security of deployed applications while having greater control and visibility over communication between the different microservices.
I have improved in audits after implementing Calico Cloud, reaching the optimal state in less time.
What needs improvement?
I think Calico Cloud could be improved by being a bit cheaper. The pricing, implementation cost, and licensing of Calico Cloud could be reduced.
For how long have I used the solution?
I have been using Calico Cloud for between one and two years.
What do I think about the stability of the solution?
I consider Calico Cloud to be stable.
What do I think about the scalability of the solution?
I rate the scalability of Calico Cloud as adequate.
How are customer service and support?
Calico Cloud's customer support is adequate, although I have not had to use it.
Which solution did I use previously and why did I switch?
I used several other proxies for service mesh topics before Calico Cloud, and I decided to switch because of the ease and portability between different solutions.
What was our ROI?
I have seen a return on investment from using Calico Cloud, particularly with time savings in achieving audits and passing audits in an optimal way.
Which other solutions did I evaluate?
Before choosing Calico Cloud, I evaluated other options including the specific AWS solutions.
What other advice do I have?
I would advise other professionals who are considering Calico Cloud to evaluate it because it is a very powerful solution. I give this review a rating of 8.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Olakunle Obasoro
Security posture has become visible and container risks are managed proactively
Reviewed on Jun 15, 2026
Review from a verified AWS customer
What is our primary use case?
I have been using Calico Cloud between 2022 to 2024. I worked on a project focused on security and vulnerability scanning within our containers. Calico Cloud was implemented because the company wanted to understand their security architecture within our orchestration environment, as we were using Kubernetes and running on AWS . We were also using AWS Inspector , but Calico Cloud was injected within the system to help with security, particularly within the containers.
My main use case for Calico Cloud is security. Calico Cloud has developed a cloud-native solution for the security of containers. You are able to have insights into your cloud security posture management (CSPM), gaining an understanding of your security posture within your containers and how to design your security system. Within Kubernetes , you have your container security interface (CSI ), which Calico Cloud is able to build something native for and is able to secure your containers, ensuring they are well secured within their ecosystem.
When you log in to the console, everything was mostly click-based. You see different options on the console where you can check your posture or scan your containers for vulnerabilities. You can see whether vulnerabilities are high or low, and you are able to apply the best security posture to protect your containers so that no one is open and vulnerable to attack. Everything was connected, and you could see the different policies in place.
What is most valuable?
Calico Cloud is cloud-native. The moment you log in to the console, you have different applications to check for vulnerabilities. You have knowledge of different vulnerabilities from standards such as NIST that you could check against. By setting the policies, you are ensuring that no one has access to your app and that it is well protected. You create policies to prevent someone from logging into a particular container, and since it has its native container security interface, this helps protect against unauthorized access or damage in the cloud.
The best features Calico Cloud offers include the CSI itself and the ease of integration with your CSI. The interface has also improved; when I started using it, I noticed the landing page from the left-hand side of your console was user-friendly. Through Calico Academy, you can learn quickly how to use Calico.
The UI/UX is fantastic, and I believe companies continue improving it.
What needs improvement?
Regarding improvements for Calico Cloud, there is a need to build agentic security systems. I believe Calico Cloud is progressing towards this, and I believe they can enhance their teaching methods to facilitate adoption.
Documentation needs continuous improvement. It is good and easy to read, but it can get better. Having a searchable summary feature, such as a chatbot, could help users quickly resolve issues without having to read extensive documentation.
At the moment, I do not believe there are more improvements needed, but as mentioned earlier, there should be a focus on better documentation, possibly by embedding chatbot features that could respond to user prompts effectively.
For how long have I used the solution?
I have been using Calico Cloud between 2022 to 2024.
What do I think about the stability of the solution?
Calico Cloud is stable.
What do I think about the scalability of the solution?
Calico Cloud is scalable. I do not believe there is a question about that; it has over the years demonstrated its scalability and the adoption of products across the industry.
How are customer service and support?
Customer support is good. I mainly relied on documentation, but I believe the relationship between vendors and our management team was effective, and I did not hear complaints about support.
Which solution did I use previously and why did I switch?
I joined the company and started using Calico Cloud from the beginning, so I cannot comment on previous solutions. The decision for solutions often depends on an organization's needs and industry requirements, leading to a cloud-native approach without dependency on a single vendor.
How was the initial setup?
The integration process of Calico Cloud with existing systems has its challenges. When integrating, especially with AWS, navigating through various providers is necessary. With the rise of generative AI, embedding guidance into the integration process could help users troubleshoot effectively.
What about the implementation team?
In terms of governance and security, my understanding is that it is about protecting users by ensuring their information is not public and thus not exploited. I believe Calico Cloud follows the necessary security and governance standards, which assures users that deploying their agentic systems is secure.
What was our ROI?
The return on investment from using Calico Cloud is evident, as the company has effectively been using it for years. Calico Cloud not only secures our network infrastructure but also assures that we are not incurring costs due to breaches, which is a significant factor in the ROI.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing for Calico Cloud was determined by management who evaluated the costs related to potential breaches. They decided that the cost of implementing Calico Cloud outweighed the risk of not having it based on our industry needs.
Which other solutions did I evaluate?
I believe they evaluated other options, and it was determined that Calico Cloud is the leader in providing security within the cloud native ecosystem.
What other advice do I have?
The impact of Calico Cloud is that we were able to achieve a more secure understanding of our security posture. We could access our containers, knowing full well that all policies set were followed through. We could see visually how everything was interconnected. That visual representation Calico Cloud has embedded into their design system is wonderful, and it has impacted our business positively.
Having access to vulnerabilities is essential. For example, when the Log4j issue occurred in December 2021, I joined the company in 2022. The company had a lot of internal and external facing applications that needed to be scanned by Calico Cloud. We ensured each application's vulnerabilities were addressed by reaching out to developers to upgrade Java versions. By scanning, we identified vulnerabilities, and we communicated with developers to fix urgent issues, demonstrating how Calico Cloud provided critical insights.
Calico Cloud helps me meet compliance requirements. You set your cloud security posture, and when you scan and see that it is failing, it indicates areas where Calico Cloud delivers security effectively.
My advice to others looking into using Calico Cloud is this: if it fits your needs, go for it without hesitation. Security is a priority in today's world, especially as industries scale globally.
I found the interview to be smooth and thorough, allowing exploration of my knowledge regarding Calico Cloud. Although it took longer than the stated time, the process was engaging. I would be glad if you could summarize my review in a short poem or haiku. My overall review rating for Calico Cloud is 8 out of 10.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Oghenekaro Uzezi
Traffic insights have strengthened zero-trust security but observability reporting still needs work
Reviewed on Jun 10, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Calico Cloud is traffic management, which is the primary feature that I primarily use in my organization. We appreciate their recommendation system for security, and the service graph they provide gives us accessibility to our service graph, which is what we use it for.
A specific example of how I use Calico Cloud for traffic management and the service graph is that they provide us visibility, which is one of the things I appreciate about Calico Cloud. A similar product is Jaeger when you are using Istio , so they essentially do the same thing. You look at the service graph and you will see how, for example, we have several microservices. For me to communicate with another, normally you would not know how the full communication works. However, with Calico Cloud, you are able to see that this service communicates with these services and how they communicate. You can see the latency that is occurring at a particular junction. You can basically see all your services that make up your application that were developed for different vendors in our company, and you can see how each and every one of them communicates for this product. All the services that make up that microservice are what we use the service graph for. Their micro-segmentation helps to provide functionality similar to AWS Security Hub or a security advisor. You are able to be told that for a particular product and particular communication, these are the communications that occur on a day-to-day basis, and therefore, they recommend that you put in this kind of policy. If you agree with them, then you go and enforce the policy, and they provide a place to test it so that it does not affect your real-life traffic, allowing you to confirm that the feature really helps you.
Regarding my main use case and how Calico Cloud fits into my workflow, they have observability. I am able to combine all the different logs, DNS logs, so that I can see what actually happens from flow logs, DNS logs, and the other logs. That way I can make sense of what is going on in my cluster. For observability, they are doing good work. They provide insights that I have used with Istio , which is another product that also takes care of observability, not necessarily network policies in the way Calico Cloud supports. It is a good job overall.
What is most valuable?
In my opinion, the best features Calico Cloud offers are micro-segmentation, particularly the zero-trust micro-segmentation, which stands out the most for me. Being able for them to look at my traffic and recommend the best network policy for me means I do not have to think about it. That is what I value about Calico Cloud.
Micro-segmentation has helped my team greatly. Some use cases we never thought of with Calico Cloud help increase the security of our application. Micro-segmentation has assisted us with observability as well.
Calico Cloud has positively impacted my organization, especially on the security front, as it helped us anticipate security threats. It aids in making sense of what is happening in the cluster in terms of the logs, the DNS logs, and the other various logs that occur in the system.
What needs improvement?
For the moment, I think they could possibly add AI for human reporting for observability. Rather than just providing data, adding a speech feature on top of it, such as a summarization of what has actually happened, would be useful for troubleshooting faster. They should still allow users to drill down to see the actual issue, but that quick summary can indeed come in handy.
For how long have I used the solution?
I have been using Calico Cloud for over a year and a few months.
What do I think about the stability of the solution?
Calico Cloud is stable.
What do I think about the scalability of the solution?
For the traffic we handle, I consider it quite scalable. We have not had issues with scalability.
How are customer service and support?
I think we have not had time to reach out to customer support as Calico Cloud is quite a usable product.
Which solution did I use previously and why did I switch?
With Calico Cloud, it was our first product; I never used it previously. However, I have tried Cilium and Istio on my private cluster. That is why I can make this informed decision. Calico Cloud are the first ones that work with network policies, so that is the default when trying to work with Kubernetes clusters.
How was the initial setup?
My experience with pricing, setup cost, and licensing is that the pricing is moderate. The setup cost was basic because there are many helpful resources available that I could reference. The licensing was payable with the best pricing based on what they are offering.
What was our ROI?
I have seen a return on investment with time saved and fewer employees needed. We are able to reduce the number of times needed for debugging through the service graph and the recommendations for the micro-segmentation of their security tool, helping us identify necessary network policies. We also observe our traffic with the recommendations provided by Calico Cloud, which results in good savings in return on investment, which includes time saved and fewer troubleshooting and debugging times.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup cost, and licensing is that the pricing is moderate. The setup cost was basic because there are many helpful resources available that I could reference. The licensing was payable with the best pricing based on what they are offering.
Which other solutions did I evaluate?
Before choosing Calico Cloud, I evaluated Cilium, which is their competitor.
What other advice do I have?
My advice to others looking into using Calico Cloud is that it is worth the fee. I give Calico Cloud a rating of seven because there are places for improvement, as I recommended. For what they do, they do it well, especially with zero-trust micro-segmentation and their security plus observability tools. They may not have all the features that their competitor Cilium has, and they are doing a portion of what Cilium does and a portion of what Istio does. For what they do, they do it well, and that is why I give them a seven.
Shahrukh K.
Effortless Kubernetes Networking with Top-Notch Security and Performance
Reviewed on Nov 13, 2025
Review provided by G2
What do you like best about the product?
Calico makes network management simple and reliable. I like how it handles Kubernetes networking with strong security and clear visibility. It’s lightweight, performs well at scale, and integrates smoothly with existing infrastructure. The policies are easy to configure, and troubleshooting is much faster compared to other tools.
What do you dislike about the product?
Calico works great overall, but upgrading between versions can occasionally cause minor compatibility issues. I’ve also noticed that troubleshooting complex network policies can take extra time. The UI and monitoring options could be more intuitive for beginners who prefer visual tools over command-line configurations.
What problems is the product solving and how is that benefiting you?
Calico solves the challenge of managing container networking and security at scale. It provides a clear way to control traffic between services and enforce policies consistently. This has improved overall network performance, reduced configuration errors, and given me more confidence in maintaining secure, stable Kubernetes environments.
Raj S.
Effortless Network Policy Management with Calico
Reviewed on Nov 06, 2025
Review provided by G2
What do you like best about the product?
I like that Calico makes it easy to manage network policies in Kubernetes. It keeps things secure and organized, without slowing everything down. Simple, fast, and reliable.
What do you dislike about the product?
Sometimes, Calico can be a bit tricky to set up, especially for beginners. If you’re not familiar with networking or Kubernetes, it might feel overwhelming at first. More straightforward guides would help.
What problems is the product solving and how is that benefiting you?
Calico solves the problem of managing secure and efficient network traffic in Kubernetes. It helps control which apps can talk to each other, keeps things safe from unwanted access, and improves performance. This gives me confidence that my apps are running smoothly and securely.