Sold by: Tigera Inc.
Deployed on AWS
Calico Cloud is a fully managed pay-as-you-go SaaS based Network Security & Observability platform for AWS and EKS clusters.
Overview
Calico Cloud enables organizations to prevent attacks using zero trust, and to detect, troubleshoot, and automatically remediate exposure risks from security issues in build, deploy, and runtime stages across multi-cloud and hybrid deployments. It works across multiple dataplanes starting from eBPF, Linux, Windows, VPP. Calico Cloud is built on Calico Open Source, the most widely adopted container networking and security solution.
-
Zero-trust workload security: Reduce attack surface with zero-trust workload-based microsegmentation. Prevent ransomware, Advanced Persistent Threats (APTs), and DDoS attacks with Calico Cloud network security controls.
-
Observability & Troubleshooting: Monitor and troubleshoot service performance in real time. In case of a breach or vulnerability, get instant granular information on compromised services and evaluate blast radius.
Highlights
- Reduce attack surface with zero trust: - Enabling users to enforce zero-trust workload-based microsegmentation - Universal Firewall integration - Envoy-based application-level security
- Detect known and unknown threats: - Protect workloads from network based threats - Workload-based WAF, IDS/IPS with Deep packet inspection, DDoS attack protection
- Automatic risk mitigation: - Dynamic Service Graph - Dynamic Packet Capture - Security policy recommender - Security Policies to Alert & Quarantine
Details
Sold by
Categories
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor, and additional usage. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. Usage-based pricing is in effect for overages or additional usage not covered in the contract. These charges are applied on top of the contract price. If you choose not to renew or replace your contract before the contract end date, access to your entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
5 vCPU Subscription | 5 vCPUs billed monthly | $90.00 |
Pro Subscription | Billed at $0.025/vCPU hour | $18.00 |
10 vCPU Subscription | 10 vCPUs billed monthly | $180.00 |
Dimension | Cost/unit |
|---|---|
vCPU Hour | $0.025 |
Vendor refund policy
All fees are non-cancellable and non-refundable except as required by law
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
24x7 for Calico Cloud Pro. 8:00 am - 5:00 pm PT on US business days for Starter. The complete support policy is here: https://www.tigera.io/legal/calico-cloud-support-policy . calicocloud-support@tigera.io
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Trend Micro
By Sophos
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Zero Trust Network Security
Implements zero-trust workload-based microsegmentation across multiple dataplanes including eBPF, Linux, Windows, and VPP
Threat Detection Mechanism
Provides workload-based Web Application Firewall (WAF), Intrusion Detection System (IDS), Intrusion Prevention System (IPS) with deep packet inspection capabilities
Multi-Cloud Security Architecture
Supports security controls across multi-cloud and hybrid deployments with comprehensive network security integration
Dynamic Security Policy Management
Offers automatic security policy recommendation, dynamic service graph, and dynamic packet capture for proactive risk mitigation
Advanced Threat Protection
Prevents ransomware, Advanced Persistent Threats (APTs), and DDoS attacks through granular network security controls
Threat Detection
Advanced intrusion detection and prevention system with behavioral analysis and predictive machine learning capabilities
Container Security
Native security controls for Docker containers with automated protection and application control mechanisms
Workload Protection
Host-based security solution supporting both Windows and Linux environments with comprehensive vulnerability shielding
Integrity Monitoring
File and system integrity monitoring with real-time detection of unauthorized changes and configuration drifts
Multi-Environment Support
Security platform compatible with physical, virtual, and cloud infrastructure with flexible deployment options
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, and detect potential malicious activities with integration to AWS GuardDuty and SecurityHub
Endpoint Protection
Advanced agent-based protection against malware, fileless threats, and ransomware for Windows and Linux hosts in cloud environments
Threat Detection and Response
24/7 managed detection and response service leveraging telemetry from multiple security solutions including endpoint, firewall, network, email, and identity platforms
Cloud Workload Protection
Security agents designed to protect cloud-based Windows and Linux hosts against modern cyber threats including ransomware
Network Security
Cloud edge firewall solution providing network visibility, protection, and response across public, private, and hybrid cloud environments using cloud native, virtual, and physical appliances
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
No security profile
-
-
-
-
-
Standard contract
No
No
No
Customer reviews
0 ratings
0 AWS reviews
|
36 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Architecture & Planning
Robust Kubernetes Security with Room for Improvement
Reviewed on Jul 18, 2025
Review provided by G2
What do you like best about the product?
Calico Cloud excels in providing enterprise-grade security features for Kubernetes environments. The platform offers exceptional network policy management and real-time visibility into container traffic. I particularly appreciate the intuitive policy builder that helps create and implement zero-trust security models. The live troubleshooting tools are invaluable for diagnosing connectivity issues, and the integration with existing cloud platforms is seamless. The dynamic threat detection and automated security controls have significantly improved our cluster security posture.
What do you dislike about the product?
The initial setup and configuration process can be challenging for teams without extensive Kubernetes expertise. The documentation, while comprehensive, could be more user-friendly with better examples and use cases. Some advanced features require considerable fine-tuning to work optimally, which can be time-consuming.
What problems is the product solving and how is that benefiting you?
The pricing structure could be more transparent, and the cost can be significant for larger deployments. Additionally, the UI occasionally feels sluggish when handling multiple clusters, and some error messages could be more descriptive to help with troubleshooting.
VIJAY H.
Evaluating Calico Cloud: Secure, Scalable, and Kubernetes-Ready
Reviewed on Jul 16, 2025
Review provided by G2
What do you like best about the product?
Calico Cloud enforces identity-aware microsegmentation and least-privilege access by default. It doesn’t just rely on IPs—workload identity (like Kubernetes labels and service accounts) is used to define policies. This helps achieve zero-trust security across clusters and clouds.
What do you dislike about the product?
Despite having a clean UI, the underlying concepts (like eBPF, policy tiers, workload identities) can be challenging for teams new to Kubernetes networking and security. Proper onboarding/training is often needed.
What problems is the product solving and how is that benefiting you?
Lack of Fine-Grained Network Security in Kubernetes
> Solution: Calico Cloud allows me to define fine-grained, identity-based network policies that go beyond IP addresses — using labels, namespaces, and service accounts to tightly control traffic between workloads.
> Solution: Calico Cloud allows me to define fine-grained, identity-based network policies that go beyond IP addresses — using labels, namespaces, and service accounts to tightly control traffic between workloads.
Yashavant N.
Review for calico cloud
Reviewed on Jul 16, 2025
Review provided by G2
What do you like best about the product?
I like how Calico Cloud provides strong zero-trust security and deep observability for Kubernetes workloads.
What do you dislike about the product?
I dislike that some advanced features are only available in the paid version, limiting open-source flexibility.
What problems is the product solving and how is that benefiting you?
Securing Kubernetes workloads in production.
Paras D.
Reliable cloud platform with solid support
Reviewed on Jul 16, 2025
Review provided by G2
What do you like best about the product?
What I like best about Calico Cloud is its strong focus on security and observability. The way it integrates with Kubernetes for network policies and zero-trust security feels seamless. Plus, the real-time visibility into workloads and traffic flows is super helpful for debugging and compliance.
What do you dislike about the product?
The UI can feel a bit overwhelming at first, especially for new users. There’s definitely a learning curve if you’re not already familiar with Kubernetes networking concepts. Also, some advanced features could use more detailed documentation or tutorials.
What problems is the product solving and how is that benefiting you?
Calico Cloud helps us secure and manage Kubernetes workloads with fine-grained network policies and zero-trust security. It simplifies enforcing security at scale, especially across multiple clusters. The built-in observability tools also give us better insights into traffic patterns and potential vulnerabilities, which helps us troubleshoot faster and stay compliant.
Vikas M.
Crucial platform for Kubernetes security
Reviewed on Jul 15, 2025
Review provided by G2
What do you like best about the product?
What I found impressive was how Calico Cloud made the complex task of securing Kubernetes workloads much easier. I loved the fact that I could define granular network policies and immediately see the impact of the policies with traffic logs. The existing dashboards were very useful in understanding pod communication, potential threats and for visualizing gaps in compliance without having to flip back and forth between tools. This gave us both control and visibility in one spot, which is a rarity.
What do you dislike about the product?
I came upon one hurdle in the beginning of the onboarding — the documentation is quite comprehensive but doesn't take into consideration a reasonable amount of Kubernetes knowledge. I believe there are opportunities to improve straightforward policy creation through visualization or templating.
What problems is the product solving and how is that benefiting you?
Calico Cloud aids us with achieving cloud compliance goals by providing enhanced visibility into our network activity with audit logs and granular policy controls. It enables us to enforce better segmentation, avoid unnecessary communication between services, and provide evidence of compliance for security reviews. To validate our posture during audits, it significantly reduces time spent to prep for an audit and gives our security team comfort in our cloud infrastructure.