  1. OpenShift Request For Enhancement
  2. RFE-6013

RHACS: Allow ACS Network graph to monitor network traffic blocked by network policies

      CUSTOMER PROBLEM

      We would like to monitor traffic using network graph in ACS even if it is blocked by a Kubernetes network policy. This is so that we have a backup method of detecting anomalous traffic in case the network policies are broken. There have been a few occasions when network policies in OVN have had bugs and have been unreliable. Some references are in [1][2][3].

      The other use case is to meet compliance requirements of monitoring malicious activity even though the attempts to access a prohibited namespace/deployment may be blocked by a network policy.

      USERS

      • The main user of this feature would be the Managed OpenShift (ROSA) service team. We would use ACS network graph's monitoring and alerting functionalities to meet our compliance requirements and to fire alerts if anomalous traffic is observed between HCP namespaces.

      ACCEPTANCE CRITERIA

      • Network graph allows users to monitor traffic that is blocked by Kubernetes network policies so that users can detect malicious intent by a threat actor.

      [1]: https://bugzilla.redhat.com/show_bug.cgi?id=2048538
      [2]: https://issues.redhat.com/browse/OCPBUGS-1705
      [3]: https://bugzilla.redhat.com/show_bug.cgi?id=2076307

            rh-ee-masimonm Maria Simon Marcos
            kramraja.openshift Karthik Perumal
            Anjali Telang, Boaz Michaely, Doron Caspin, JP Jung, Maria Simon Marcos, Shubha Badve