You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 15 Next »

Approved Blueprints


Project Name

Vuls Scan

  • Pass/Fail
  • Exceptions

Lynis Scan

  • Pass/Fail
  • Exceptions

Kube-Hunter Scan

  • Pass/Fail
  • Exceptions
1

5G MEC/Slice System to Support Cloud Gaming, HD Video and Live Broadcasting Blueprint




2

AI/ML and AR/VR applications at Edge




3Connected Vehicle Blueprint


4Edge Video Processing


5ELIOT: Edge Lightweight and IoT Blueprint Family


6


7


8


9Integrated Cloud Native NFV/App stack family (Short term: ICN)
  • Fail:
    • 141 unfixed vulnerabilities
    • (High:30 Medium:96 Low:27 ?:0), 12/153 Fixed
  • Exceptions:
    • We request exceptions for all outstanding vulnerabilities
  • See Nexus Logs
  • Fail
    • Only 1 vulnerability found, in "Inside-a-Pod Scanning": CAP_NET_RAW
  • Exceptions:
    • We request exception for CAP_NET_RAW vulnerability or remediation (fixes found seem to be on a per-pod basis, which is not enough)
  • See Nexus Logs
10Integrated Edge Cloud (IEC) Blueprint Family


11


12


13


14Kubernetes-Native Infrastructure (KNI) Blueprint Family
lynis.logFail. We request for exception as we are running OpenShift and not upstream Kubernetes, so we hit several failures: cluster.log , pod.log
15

Micro-MEC




16Network Cloud Blueprint Family


17StarlingX Far Edge Distributed Cloud


18Telco Appliance Blueprint Family


19

Fail with Exceptions

0 CVEs are detected with OVA
0 CVEs are detected with CPE
0 CVEs are detected with GitHub Security Alerts
0 exploits are detected
248 unfixed CVEs are detected with gost
Total: 228
(High:44 Medium:137 Low:47 ?:0), 0/228 Fixed, 824
installed, 0 updatable, 0 exploits, en: 5, ja: 0 alerts

vuls.log

Pass with Exceptions

Tests performed: 287
Total tests: 449
Active plugins: 2
"Total plugins: 2
Warnings: 2"
Found accounts without password [AUTH-9283]
https://cisofy.com/lynis/controls/AUTH-9283/
Note: these accounts are not allowed to logon.
YUM is not properly configured or registered for this platform (no repolist found) [PKGS-7383]
https://cisofy.com/lynis/controls/PKGS-7383/
Note: This is intentional to prevent anyone from installing software

lynis.log

Pass with Exceptions

All Critical Tests Passed
Cluster Remote Scanning Passed
Node Remote Scanning Passed
Inside-a-Pod Scanning Known Vulnerablities Found

KHV005 Access to API using service account token
KHV002 Kubernetes Version Disclosure
KHV050 Read access to pod's service account token
Local to Pod CAP_NET_RAW Enabled
Local to Pod Access to pod's secrets

pod.log

cluster.log

20


21The AI Edge Blueprint Family


22

Time-Critical Edge Compute




23Public Cloud Edge Interface

Pass

Nexus logs here

Pass

Nexus logs here

Pass: no k8s cluster as part of deployment at the moment

Nexus logs here
















Approved Feature Projects

If the program uses only one programming language, in the “Repository” column, just fill in the repo location.

If a project uses multiple programming languages, please list all of them, add a link in "Repository" column for each programming language to show the sample code.  


Project NameProgramming Languages RepositorySonarQube EnabledNotes
1

Akraino Blueprint Validation Framework





2

Akraino Portal Feature Project





4Akraino Profiling



5Akraino Regional Controller



6

API Gateway





7Backup and Restore (Snappy) Feature Project



8Cluster Health & Overload Monitoring Platform (CHOMP) Feature Project



9MEC API Framework



10Support of OVS-DPDK in Airship



  • No labels