docs/doc/source/planning/kubernetes/security-hardening-firewall-options.rst
Oliver 73e7f8ef4c Security Planning shall support customer expectations
Epic: Security Planning shall support expectations presented in pre-sales presentations.
Updated with review comments for Patch set 4
Updated with review comments for Patch set 3
Updated with review comments from Patch set 2
Updated with review comments from Patch set 1
Added summaries of items raised in pre-sales presentations

Change-Id: Ic1e458dfd57ad7ab18923f3a1756007ad717efe1
2022-06-23 14:09:03 -04:00

Firewall Options

applies default firewall rules on the network.

The default rules are recommended for most applications. See Default Firewall Rules <security-default-firewall-rules> for details. You can configure an additional file to augment or override the default rules.

A minimal set of rules is always applied before any custom rules, as follows:

  • Non- traffic is always accepted.
  • Egress traffic is always accepted.
  • traffic is always accepted.
  • traffic is always accepted.

Note

It is recommended to disable port 80 when HTTPS is enabled for external connections.

Operational complexity:

  • provides firewall rules through Kubernetes Network Policies. For more information, see Firewall Options <security-firewall-options>.
  • The custom rules are applied using iptables-restore or ip6tables-restore.
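
The note about port 80 can be checked against a custom rules file before it is handed to iptables-restore. The following is an added example, not part of the original page or the product's code; the sample rules, the function names, and the restriction to the INPUT chain with numeric ports are assumptions.

```python
import shlex

# Constructed sample in iptables-save format, the input that iptables-restore
# reads. These are NOT the product's default rules.
SAMPLE_RULES = """\
*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8000:8100 -j ACCEPT
-A INPUT -p udp -m udp --dport 80 -j ACCEPT
COMMIT
"""

def _arg(tok, *flags):
    """Return the token following the first of `flags` that is present, else None."""
    for flag in flags:
        if flag in tok[:-1]:
            return tok[tok.index(flag) + 1]
    return None

def accepted_tcp_ports(ruleset, chain="INPUT"):
    """Yield (line_no, low, high) for each TCP port range an ACCEPT rule matches.

    Assumptions: numeric ports (as iptables-save writes them); only rules with
    an explicit "-p tcp" and a destination-port match are considered.
    """
    for line_no, line in enumerate(ruleset.splitlines(), 1):
        tok = shlex.split(line, comments=True)
        if tok[:2] != ["-A", chain] or "!" in tok:
            continue  # table headers, other chains, negated matches (review by hand)
        if _arg(tok, "-j", "--jump") != "ACCEPT" or _arg(tok, "-p", "--protocol") != "tcp":
            continue
        spec = _arg(tok, "--dport", "--dports", "--destination-port", "--destination-ports")
        for part in (spec.split(",") if spec else []):
            low, sep, high = part.partition(":")
            lo = int(low or 0)
            yield line_no, lo, (int(high or 65535) if sep else lo)

def http_left_open(ruleset):
    """Return line numbers of rules accepting TCP/80 while TCP/443 is also accepted."""
    ranges = list(accepted_tcp_ports(ruleset))
    if not any(lo <= 443 <= hi for _, lo, hi in ranges):
        return []  # HTTPS is not exposed, so the note does not apply
    return sorted({n for n, lo, hi in ranges if lo <= 80 <= hi})

if __name__ == "__main__":
    print(http_left_open(SAMPLE_RULES))
```

A non-empty result lists the rule lines to revise before the file is applied.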

Default Firewall Rules

applies these default firewall rules on the network. The default rules are recommended for most applications.

For a complete listing, see Default Firewall Rules <security-default-firewall-rules>.