Buoyant Enterprise for Linkerd

Rust-based network security and reliability for modern applications. Built on open source and designed for the enterprise.

Free trial

Zero-trust security and compliance across your entire network

Buoyant Enterprise for Linkerd provides a complete zero-trust layer of network security and access control built on industry standards such as mutual TLS, the Gateway API, and the memory-safe Rust language. Say goodbye to IP-based access control, perimeter firewalls, and buffer overflow exploits. Say hello to workload identity, end-to-end encryption for all customer data, and ultra-fine-grained security boundaries.

Bloud-screenshot1

Global traffic management and control

Buoyant Enterprise for Linkerd gives you unparalleled control over all application traffic, including dynamic L7-aware routing; cross-cluster communication; automated failover across clusters, regions, and zones; and cost-optimizing load balancing that can significantly reduce your cloud spend. Linkerd Enterprise delivers a fully distributed, Rust-based dataplane capable of handling everything from HTTP/2 and gRPC traffic down to raw TCP streams while withstanding network partitions, machine outages, failures of clusters, zones, and regions, and anything else you can throw its way.

Bloud-screenshot1

Full L7 application observability

Buoyant Enterprise for Linkerd provides immediate L7 traffic metrics such as success rates, request latency distributions, and full service topologies, all in a single dashboard designed for enterprise platform owners and operators. No changes to the application are necessary. Move from byte flows between IP addresses to a modern, workload-based view of your complete application topology, even across cluster, zone, and region boundaries.

Bloud-screenshot1

Built for the enterprise

Based on the widely adopted and CNCF-graduated open source Linkerd project, Buoyant Enterprise for Linkerd includes:

Enterprise-hardened Linkerd images
Bitstream assurance including hotpatches and SBOMs
Strict SLAs around CVE remediation
24x7x365 on-call support
Full lifecycle automation
Additional enterprise features such as cost-aware routing

Differences between free tier and Buoyant Cloud enterprise

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse tincidunt sagittis eros. Quisque quis euismod lorem.

Open source
Linkerd

Buoyant Enterprise
for Linkerd

Security
Zero-config encryption and authentication of all meshed traffic
Workload identities (not IP addresses)
Zero trust authorization policies
Rust-based data plane
Policy generation from live traffic
Reliability
Latency-based load balancing
Timeouts and retries
Automated failover, including across clusters
Circuit breaking
Routing
L7-aware request routing
Transparent multi-cluster communication
Direct pod-to-pod multi-cluster communication for shared flat networks
Observability
Uniform L7 metrics includg success rates and latency distributions
Easy export to any Prometheus-compatible metrics store
Distributed tracing
Single pane of glass multi-cluster dashboard
Alerts and metrics integration with Datadog, Microsoft Teams, and PagerDuty
Operations
Continuous health checking via Buoyant Cloud
Lifecycle automation including GitOps-compatible installation and upgrades
Standards
Gateway API support
Mutual TLS (mTLS)
Compliance
Automated security audit reporting to aid in audit and regulatory compliance validations
Software Bills-of-Materials (SBOMs) for all components
SLAs on CVE remediation
Bitstream assurance: hotfixes and continual scanning
FIPS-140-2 compliance
Cloud cost reduction
Kubernetes TopologyHints support
Dynamic cost-minimizing request load balancing for minimizing cross-AZ traffic without sacrificing HA
Support and integration
Open source forums
24x7 on-call support
30-day "white glove" onboarding
Architecture review and best practice guidance
Direct relationship with the technologists behind the project