- read network policies
- from a kubernetes cluster
- from files
- policy analysis
- break the policies down by target, ingress/egress etc.
- traffic analysis
- given a pod (with labels, in a namespace with labels) determine which policies apply
- given traffic between pods, determine whether it would be allowed or not