Tetrate Enterprise Gateway for Envoy—the cloud-native service gateway—has reached 1.0!

Learn more › close
Tetrate Enterprise ready service mesh

Compare Tetrate Products

Tetrate delivers three Application Networking and Security offerings. Compare and select the best one for your business.

Tetrate Service Mesh
Tetrate Istio Subscription

Tetrate Istio Subscription

Fully upstream Istio Distro FIPS-verified

Learn more
Tetrate Service Express

Tetrate Service Bridge

Enterprise-grade Istio + support

Learn more
Tetrate Service Bridge

Tetrate Service Express

Enterprise-grade Istio on Amazon EKS

Learn more

Compare Key Features

Download and use open source Istio or choose from two supported versions.

Tetrate Istio Subscription

Tetrate Istio Subscription

Tetrate Service Express

Tetrate Service Express

Tetrate Service Bridge

Tetrate Service Bridge

Istio Lifecycle Management & Compliance
Install and manage Istio (community and Tetrate builds) on K8s, EKS, AKS, GKE
Hardened, performant, and fully upstream builds of Istio
Custom builds of Istio for ARM64 and AMD64
Compatability testing for all major Kubernetes environments including EKS,
EKS only
FIPS-verified Istio and Envoy builds suitable for FedRAMP
FIPS compliance certificate
SLAs for vulnerability patches (CVEs) backported for supported versions of Istio
Patches and security hotfixes for N-4 versions
Multi-instance Istio managmenet with fine-grained access control and isolation
Service Discovery and Inventory with OpenAPI support
Audit logs for changes to services and shared resources
Workflows and process integration
Configuration safeguards
Traffic Management
Load balancing and failover policies (HTTP, gRPC, WebSocket, and TCP traffic)
Fine-grained fault tolerance capabilities including timeouts, retries, circuit breaking, failovers, and fault injection
Support for non-Kubernetes infrastructure such as VMs and AWS serverless services
Application edge L7 load balancing across one or more ingress gateways in different clusters
Application Ingress gateway load balancing to Kubernetes clusters or traditional workloads
Custom policies to route, filter, and transform L4 and L7 traffic
Global traffic routing, rate-limiting, load balancing and failover across multiple Istio instances
Centralized traffic and security policy management leveraging RBAC and Workspaces
One Org
Unlimited
Security
Authentication & authorization
TLS/mTLS encryption
Cert/credential management
Identity-based authentication and authorization
Integrate with LDAP or OIDC server for employee information
Open Policy Agent (OPA) support for authorization
Built-in web application firewall (WAF)
CORS policy configuration
Role-based access control (RBAC)
Next Generation Access Control (NGAC) based on NIST standard
Centralized security and compliance policy across multi-Istio instances
Audit log and events for all config changes
Security policy propagation
Multi-Tenancy & Workspaces
Multi-tenancy and Isolation
Logical resource groups based on hierarchy, workspaces, and tenants
Workspaces only
Workflows and process integration
Observability
Metrics, logs and traces
Distributed tracing (gateway-to-service and service-to-service)
AWS only
Centralized multi-cluster metrics, logs and traces
AWS only
Multi-instance metrics
AWS only
Multi-cluster metrics
AWS only
Multi-cluster topology
AWS only
Topology time-lapse view & drilldown
AWS only
Service level objectives (SLOs)
Measure, correlate and remediate SLO violations
Role-specific views of app topology, metrics and SLOs
Service alerts to service owners
Partner Integrations
AWS EKS add-on integration
Marketplace integration for AWS and Azure
AWS only
OpenShift certified partnership
Enterprise Support
24/7 enterprise support from Tetrate’s Istio experts
Service level agreements (SLAs) based on incident type
Community support via Tetrate community Slack workspace
IP indemnity protection
Access to professional services, assistance with bug fixes, confidentiality

Not sure where to get started?

Talk to an expert