Cilium is open source software for transparently securing the network connectivity between application services deployed using Linux container management platforms like Docker and Kubernetes.
At the foundation of Cilium is a new Linux kernel technology called BPF, which enables the dynamic insertion of powerful security visibility and control logic within Linux itself. Because BPF runs inside the Linux kernel itself, Cilium security policies can be applied and updated without any changes to the application code or container configuration.
3. Network Security
has not evolved
$ iptables -A INPUT -p tcp
-s 15.15.15.3 --dport 80
-m conntrack --ctstate NEW
-j ACCEPT
The world still runs on iptables
matching IPs and ports: