![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(44.800000000000004, 95%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESQ%3C/text%3E%3C/svg%3E)
Azure Kubernetes Service
An Azure service that provides serverless Kubernetes, an integrated continuous integration and continuous delivery experience, and enterprise-grade security and governance.
2,459 questions
Thanks for posting your question in the Microsoft Q&A forum.
Differences between Network Policy engines: Cilium, Azure NPM, and Calico:
The key differences are:
- Calico supports a richer set of features like global network policies, network sets, and host endpoints, while Azure Network Policy Manager has a more basic set of capabilities.
- Calico supports both Azure CNI and kubenet networking, while Azure Network Policy Manager only supports Azure CNI.
- Both are supported by the Azure support and engineering teams.
You can use either Azure Network Policy Manager or Calico network policy:
Azure Network Policy Manager:
- Create network policies in the Azure portal or using the Azure CLI.
- Policies are defined using Kubernetes network policy specification.
- Supports all policy types like
NetworkPolicy,NetworkPolicy.Spec.Egress, andNetworkPolicy.Spec.Ingress.
Calico Network Policy:
- Create network policies using the
calicoctlCLI tool or Kubernetes manifests. - Calico provides an extended policy model with features like global network policies and network sets.
- Supports all Kubernetes network policy types, as well as the Calico-specific extended policy model.
Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful