feature: Secure your fleet, NGINX One #731
Conversation
github-actions
bot
added
documentation
✅ Deploy Preview will be available once build job completes!
|
There was a problem hiding this comment.
LGTM. Small LOGAF non-blocking edit suggestions.
If the PR replaces #637, then that should probably be closed.
| type: how-to | ||
| product: NGINX One | ||
| docs: DOCS-000 |
There was a problem hiding this comment.
| type: how-to | |
| product: NGINX One | |
| docs: DOCS-000 | |
| nd-content-type: how-to | |
| nd-product: NGINX One |
Jon has asked us not to add placeholders for the docs parameter, since the absence is meaningful for the purposes of the automated script setting stuff up.
| docs: DOCS-000 | ||
| --- | ||
|
|
||
| In this tutorial, you'll learn how to set up alerts in F5 Distributed Cloud. Once configured, you'll see the CVEs and insecure configurations associated with your NGINX fleet. This tutorial is intended for those resposible for keeping their NGINX infrastructure and application traffic secure. It assumes you know how to: |
There was a problem hiding this comment.
| In this tutorial, you'll learn how to set up alerts in F5 Distributed Cloud. Once configured, you'll see the CVEs and insecure configurations associated with your NGINX fleet. This tutorial is intended for those resposible for keeping their NGINX infrastructure and application traffic secure. It assumes you know how to: | |
| With this page, you'll learn how to set up alerts in F5 Distributed Cloud. Once configured, you'll see the CVEs and insecure configurations associated with your NGINX fleet. These instructions are intended for those responsible for keeping their NGINX infrastructure and application traffic secure. It assumes you know how to: |
Nit: not a tutorial.
|
I find the order in which the docs are presented confusing. Is "Manage your fleet" really before "Get started"? Shouldn't "Manage your instances" include items like Connect your instances and Draft configurations? I could see 3 top-level headings on the landing page: Get started, Secure your fleet, and Manage your fleet. Or maybe 4, if we also add one for Admin tasks (like RBAC, metrics, etc.). |
|
|
||
| Next, configure the policy that identifies when you'll get an alert. | ||
|
|
||
| 1. Navigate to **Alerts Management > Alert Policies** |
There was a problem hiding this comment.
Punctuation inconsistency if compared to the previous block: full stop vs absence of full stop
Will be addressed in an internal issue (num-200 in internal-docs repo) |
|
|
||
| ## Before you begin | ||
|
|
||
| If you already have accessed F5 Distributed Cloud and have NGINX instances available, you can skip these steps and start to connect instances to the NGINX One Console.. |
Proposed changes
Create end-to-end "use-case" documentation for admins / security engineers who want to use NGINX One Console to "Secure your fleet".
Fleets of NGINX deployments frequently include dozens and many more instances. With this use case, an admin/security engineer can set up the NGINX One Console to send them alerts for appropriate issues. Today, those issues include CVEs and other detected security "misconfigurations" identified by NGINX One Console.
This use case goes somewhat beyond NGINX One Console. This PR removes roadblocks to success in the following ways:
It clarifies what users need to access the NGINX One Console, specifically with:
It then shows users, step by step, how to set up notifications when one/more of their instances have CVEs and other detected security issues.
Replaces #637
Checklist
Before merging a pull request, run through this checklist and mark each as complete.
README.mdandCHANGELOG.mdFootnotes
Potentially sensitive changes include anything involving code, personally identify information (PII), live URLs or significant amounts of new or revised documentation. Please refer to our style guide for guidance about placeholder content. ↩