Cookie preferences
Accept cookies for analytics, social media, and advertising, or learn more and adjust your preferences. These cookies are on by default for visitors outside the UK and EEA. Privacy Notice.
NGINX Service Mesh
Lightweight and seamless by design, NGINX Service Mesh (NSM) scales from open source projects to a fully supported, secure, and scalable enterprise‑grade solution, no matter where you are in your microservices journey. Take control of Kubernetes with our turnkey, secure, service-to-service solution featuring a unified data plane for ingress and egress management in a single configuration.
Service-to-Service Management of North‑South and East‑West Traffic
Not sure if you need a service mesh?
Read the BlogWhy Use NGINX Service Mesh?
-
Uniquely
Designed -
Flexible
Traffic -
Secure
Apps
Data Plane Matters
NGINX Service Mesh (NSM) is uniquely designed around the idea that the “data plane matters”. Leveraging the power of NGINX Plus to operate highly available and scalable containerized environments, we bring a level of traffic management intelligence to the market that no other reverse proxy sidecars can offer. Through building a control plane from scratch, solely focused on the NGINX Plus data plane, NSM delivers a highly optimized service mesh designed for high‑volume and secure container traffic management.
Other service meshes rely on tools from external vendors to provide critical service‑mesh features, or provide just bare‑bones sidecar proxies designed to move packets from one side of a virtual interface to another. NSM is the only mesh designed around a fully integrated data plane, using a custom‑built control plane for this purpose. It’s the only mesh to fully integrate ingress and egress traffic management at the edge within sidecar policies, with one single configuration. Lightweight and focused on Layer 7 application traffic management within clusters, NSM is non‑intrusive, allowing the rest of your tech stack to perform without complications, the way it should be.
Take Control of Kubernetes
Gain confidence with visibility into how Kubernetes distributes traffic within your containerized apps.
Flexible Traffic Handling and Portability
NGINX Service Mesh is platform‑agnostic and offers flexible traffic management. When deploying a new version of an application, you might want to limit the amount of traffic it receives at first, in case there is a bug. With our intelligent container traffic management, you can specify policies that limit traffic to new services and slowly increase it over time. Features like rate limiting and circuit breakers give you full control over the traffic flowing through your services. You can leverage a robust range of traffic distribution models, including:
- Rate shaping, quality of service (QoS), service throttling
- Blue-green deployments
- Canary releases
- Circuit breaker pattern
- A/B testing
- API gateway features
Take Control of Kubernetes
With production‑grade capabilities for intelligent traffic management in Kubernetes environments, NSM stands apart from the current glut of “packet‑pushing proxies” on the market.
Authentication and Security at the Point of Service
Security is more critical now than ever. Data breaches can cost organizations millions of dollars every year in lost revenue and reputation. NGINX Service Mesh ensures all communication is mTLS‑encrypted so that there is no sensitive data on the wire for hackers to steal. Access controls enable you to define policies about which services can talk to each other. NSM supports:
- Service identity
- Zero trust
- mTLS enforcement
- Certificate lifecycle management
- Configuration gating and governance
- Default block for ingress and egress north‑south traffic (requires NGINX Ingress Controller)
- Allowlist support for ingress and egress
- Edge firewalling with NGINX App Protect (requires NGINX Ingress Controller)
- Per‑service access control for east‑west traffic
Secure Your Apps
Prevent data breaches, lost revenue, and angry customers.
