Post Finance picks Cilium for Cloud Native Networking
Cilium helped the Post Finance team build a scalable Kubernetes platform which meets the demanding requirements to run mission-critical banking software in production.
Watch The Case StudyFinancial Services
Regulatory oversight is a hallmark of the financial industry. Cilium's detailed traffic monitoring and logging mechanisms support institutions in establishing transparent audit trails, complying with stringent regulations, and conducting forensic investigations.
The world of fintech revolves around APIs – from mobile banking apps to trading platforms. Cilium's API-aware network security ensures that these critical APIs can be secured, empowering teams with the toolsets needed to understand and guard against malicious patterns in API calls. Cilium supports L7 policies (e.g., allow HTTP GET /foo) for fine-grained access control to shared API services running common cloud native protocols like HTTP, gRPC, Kafka, etc. Cilium also supports deny-based, cluster-wide, and host-layer firewall network policies.
With Cilium, companies in the financial services industry can achieve improved observability, maintain security controls, and weave compliance and security governance for Kubernetes environments directly into the DevOps process.
We started by looking at some other tools, and we first used [the cloud provider CNI]. But we found that Cilium, with its host-based policies and its ability to replace what we had out of the box, was really valuable.
Bloomberg successfully enhanced the security and access control of its BQuant Enterprise workloads through the implementation of robust network security measures.
read the case study“Always On” Workload Analysis for Continuous Compliance
In a highly regulated industry such as financial services, ensuring that software and systems comply with these regulations is a constant challenge for development and operations teams. Cilium empowers teams with tools to ensure continuous compliance with standards like FIPS, PCI DSS, Open Banking, and SOC 2 by offering real-time monitoring and analysis of workload communication to identify non-compliant connections. It emphasizes encryption, traffic analysis, and full-stack monitoring without imposing performance constraints, ensuring confidentiality, integrity, and availability in regulated environments.
17Clusters
7-75Clusters
x12kFaster Pod startup
2.4MUsers
1000sContainers
Post Finance one of Switzerland's leading financial institutions uses Cilium for Cloud Native Networking
watch the case studyEnforce Zero-Trust Security with Ease. No Disparate Tools, No Performance Hits
Adopting a Zero Trust-based approach to network security architecture is essential for companies in the financial service industry to maintain compliance with stringent regulations and keep customer data secure.
Cilium provides a unified tool that implements a range of features to enforce Zero Trust networking security principles. These features include identity-aware service to service communication and observability, advanced network policies with native HTTP and DNS protocol support, transparent encryption, and using in-kernel IPsec or WireGuard. Enforcement of TLS via Network Policy allows operators to restrict the allowed TLS SNIs in their network, and provide a more secure environment.
Tetragon provides powerful security observability and real time enforcement guardrails. Cilium offers broad cluster-wide network policies that can be mixed with Tetragon tracing policies for more specific protocol controls like system calls, TCP/IP, file access, and namespace privilege capabilities.
Weave Compliance and Security Throughout the DevOps Process
By moving from IP to identity, Cilium empowers you to free your security and operations teams from the need to manually review and audit every policy change. Cilium's native integration with the Kubernetes ecosystem enables it to seamlessly weaves compliance and security governance into the DevOps process. For example, operators can write network policies based on namespaces or labels rather than hardcoding IPs.
Featured Talks
eBPF, a road to invisible network: S&P Global's Network Transformation Journey
Guru Ramamoorthy talks about how S&P Global’s network engineers leveraged eBPF-based networking with Cilium to connect and secure their clouds
Cilium in Practice: Building Data Sandboxes at Bloomberg
Bloomberg leverages Cilium to construct data sandboxes that restrict users from exfiltrating data from the sandbox
Multi-cluster networking with Cilium at Form3
Adelina Simon, a technology evangelist at Form3 talks about how they built a multi-cloud payments platform using Cilium
Join Global Financial Leaders in the Cloud Native Networking Revolution
How Capital One used eBPF and Cilium to build a secure, maintainable PaaS
Capital One leveraged Cilium to build a multi-tenant platform meeting all its requirements for security, maintainability, network visibility, and scale.
Watch The Talk
More Churn No Problem: Lessons Learned Running Cilium in Production
Robinhood's war stories from running Cilium in a high-churn near-production environment, learn how they overcame challenges by better understanding and tuning Cilium.
Watch The Talk
Strengthening Security Across Distributed Kubernetes Clusters
Sicredi, Brazil's largest credit union, leverages Cilium to reduced operational and maintenance complexity while increasing performance across clouds and on premise.
Watch the Talk
Building a Resilient Payments Platform with Cilium
Form3 integrated Cilium into their platform as their primary solution for networking, security, and observability, enabling them to meet their FPS gateway business requirement of seamlessly switching between data centers without any downtime.
Read The Case Study
Self-service, Zero Trust Network Security
Rabobank leverages Cilium to enable zero-trust networking, significantly improving the security and enabling self-service in their financial API platform.
Read The Case StudyCilium’s Solutions for Financial Services
Transparent Encryption
Elevate compliance and lower risk with Cilium transparent encryption. With just one switch, no application changes, service meshes or additional proxies
Learn moreNetwork Policy
Maintain identity based policies effectively at scale with Cilium’s advanced network polices
Learn moreEgress Gateway
Present a group of cloud native workloads from a stable IP address to integrate with traditional firewalls
Learn more