![]() unprotected - Enable the shield for all explicitly configured connections, but other connections remain unfiltered.disabled - Disable the Network Shield completely.Variableĭetermines mode of operation for all connections that are not explicitly configured. The Network Shield can be configured through environment variables defined within the policy of a confidential application. It can prevent all other network communication like UDP-based communication. One needs to enable the network shield in the SCONE policy (aka session) of a confidential service.Ĭurrently, the network shield can protect TCP connections and Unix sockets with a pathname. an application-level firewall: The shield can be configured to filter inbound and outbound network connections according to authorization rulesīy default, the Network Shield is in unprotected mode and allows all communication to pass through unmodified. ![]() transparent encryption: TLS-based encryption with mutual authentication guarantees confidentiality, integrity, and controlled access.The Network Shield can protect network connections of a service executed with SCONE. (This feature is available starting SCONE 5.8) When enabled in the policy, only explicitly permitted network communication is allowed. The SCONE Network shield can limit the network communication of an application.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |