Policy for hosts

Use the same Calico network policy for workloads to restrict traffic between hosts and the outside world.

Protect hosts

Calico network policy not only protects workloads, but also hosts. Create a Calico network policies to restrict traffic to/from hosts.

Protect host tutorial

Learn how to secure incoming traffic from outside the cluster using Calico host endpoints with network policy, including allowing controlled access to specific Kubernetes services.

Apply policy to host forwarded traffic

Apply Calico network policy to traffic being forward by hosts acting as routers or NAT gateways.