
Gloo Network
Some modern applications require advanced levels of packet filtering, security and observability. Gloo Network enables Cilium-CNI powered by eBPF to enable networking, packet filtering and observability for modern applications. Gloo Network is a modular component of Gloo Platform.
Enhance Your Security
Secure
Powerful network filtering and observability for your application networking architecture
Scale
CNI architecture allows you be future-proofed as the cloud-native journey evolves and grows

Simplify
Integrated technologies provide zero trust security for critical workloads
Extend Security Into Your Infrastructure Layers
Most modern applications that are built using containers are orchestrated with Kubernetes. The CNI plugin provides a method to customize the networking layer used by the Kubernetes control plane. With Linux as the underlying operating system for most containers, the CNI plugin offers a way to manage the underlying Linux networking stack in the declarative model defined by Kubernetes.
Using eBPF to access the raw interface of the data link layer is a valuable Linux kernel networking security feature. This enables the dynamic insertion of powerful security, visibility, and networking control logic into the Linux kernel. While this is not a requirement for all containerized deployments, using the CNI plugin to manage the eBPF capabilities can open up new paths to securing the network layer underneath the container.

Deliver Deeper Security Today with Gloo Network
Gloo Network provides a powerful Cilium CNI for Kubernetes clusters. Cilium is an open source software for providing, securing and observing network connectivity between container workloads – cloud native, and fueled by the revolutionary Kernel technology eBPF.
With the addition of Gloo Network, the Gloo Platform now provides Istio, Envoy Proxy, Cilium, eBPF, and Kubernetes CNI in one integrated platform. These integrated technologies provide high-performance networking, zero trust security, advanced observability for microservice applications, and multi-tenancy isolation of critical workloads.
- Control traffic with policies
- Multitenancy and zero trust with workspaces
- Enhanced performance
- N-4 version support for Cilium
- Built-in observability tools
- Central Gloo management
Better with Gloo Mesh
Network security is even better when it is an extension of your cloud native application security. Extend the power of Cilium by connecting Gloo Network to Gloo Mesh and the features of Istio service mesh. Enabling eBPF-based acceleration in your service mesh does not change the way the service mesh works. When you use Gloo Mesh and Gloo Network together, you can accelerate request processing with eBPF for Istio workloads in your service mesh, and reduce network latency.
With this defense-in-depth approach, you can create a multi-layer defense mechanism and address many attack vectors to protect your apps from being compromised.
Solve Real Problems with Gloo Network
Gloo Network can be deployed to enhance the security posture for the following use-cases:
- Providing high-performance networking and load-balancing
- Extracting fine-grained security observability data at low overhead
- Helping application developers trace applications
- Providing insights for performance troubleshooting
- Preventive application and container runtime security enforcement

Learn More in our Workshops

Exploring Network Security in Cilium
Security is a responsibility share by everyone. Developers and engineers alike should understand how to properly secure their applications and traffic in any environment it may be deployed. This workshop will explore how to secure applications with a comprehensive look at how Cilium implements standard and extended security features.

Introduction to Cilium (with Fundamentals for Cilium Certification)
Cilium is an open source software for providing, securing and observing network connectivity between container workloads. In this course, you'll learn how to deploy Cilium and leverage network policies to secure service-to-service communications. This course also includes a certification that you can share on your social networks.