openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-06 15:46:57 +01:00
Code Issues Releases Activity

Update Firewall and DDoS protection info

Browse Source
This commit is contained in:
mletalie
2024-01-02 09:02:45 -05:00
parent 97bce5dad3
commit 83c4ddf966
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
modules/sdpolicy-security.adoc
View File

@@ -77,7 +77,8 @@ $ oc adm policy add-cluster-role-to-group self-provisioner system:authenticated:
[id="network-security_{context}"]
== Network security
With {product-title} on AWS, AWS provides a standard DDoS protection on all Load Balancers, called AWS Shield. This provides 95% protection against most commonly used level 3 and 4 attacks on all the public facing Load Balancers used for {product-title}. A 10-second timeout is added for HTTP requests coming to the haproxy router to receive a response or the connection is closed to provide additional protection.
Each {product-title} cluster is protected by a secure network configuration at the cloud infrastructure level using firewall rules (AWS Security Groups or Google Cloud Compute Engine firewall rules). {product-title} customers on AWS are also protected against DDoS attacks with link:https://docs.aws.amazon.com/waf/latest/developerguide/ddos-overview.html[AWS Shield Standard].
Similarly, all GCP load balancers and public IP addresses used by {product-title} on GCP are protected against DDoS attacks with link:https://cloud.google.com/armor/docs/managed-protection-overview[Google Cloud Armor Standard].
[id="etcd-encryption_{context}"]
== etcd encryption