Policy for hosts

Use the same Calico network policy for workloads to restrict traffic between hosts and the outside world.

Calico network policy not only protects workloads, but also hosts. Create a Calico network policies to restrict traffic to/from hosts.

Protect Kubernetes nodes with host endpoints managed by Calico.

Learn how to secure incoming traffic from outside the cluster using Calico host endpoints with network policy, including allowing controlled access to specific Kubernetes services.

Apply Calico network policy to traffic being forward by hosts acting as routers or NAT gateways.