TitelTable of contents1. Airlock Secure Access Hub2. About this document2.1. How information is structured in this manual2.2. Leveled prerequisites2.3. Warning tiers in this document2.4. Additional panel types2.5. Advanced Lucene searches within this online help3. About Airlock Microgateway3.1. Airlock Microgateway license editions and support3.2. Online labs3.3. Release and support information4. How to establish security controls4.1. Empower your counterpart4.1.1. Blueprints4.1.2. Templates4.1.3. Enforce policies4.1.4. Assess the active configuration4.1.5. Monitor and analyze4.1.6. Education and guidelines4.1.7. Establish GitOps principles4.1.8. Staging5. System architecture5.1. Kubernetes cluster without a service mesh5.2. Kubernetes cluster with an Istio service mesh5.3. Kubernetes cluster with Cilium5.4. Installation mode types6. Getting started – installation and follow-ups7. Setup requirements and installation information 7.1. Requirements and limitations7.2. Container image repositories and registries7.2.1. Verify the image signature7.2.2. Using a custom image registry7.3. Installation7.3.1. Kubernetes7.3.2. OpenShift7.3.3. Istio7.3.4. Cilium7.4. Uninstallation and upgrade instructions8. Configuration8.1. Microgateway Operator8.2. Microgateway CNI8.3. Microgateway Engine sidecar injection and configuration8.3.1. CR SidecarGateway8.4. Microgateway Session Agent8.4.1. CR SessionHandling8.4.2. CR RedisProvider8.5. Labels and annotations for Airlock Microgateway9. Operation9.1. Configuration and monitoring of licenses9.1.1. Monitor the licensed throughput9.2. Reducing false-positive blocks9.3. Logging configuration and output formatting9.4. Grafana dashboards for metric and log visualization9.5. Using Microgateway Prometheus metrics10. Tooling10.1. Completion, validation and tooltips in Visual Studio Code11. Troubleshooting and support11.1. Tips for troubleshooting11.2. Pod is not ready11.3. List Pods with SidecarGateway selectors11.4. Listing the SidecarGateway status11.5. Envoy Admininistration interface11.6. Inspect the Envoy configuration11.7. Several SidecarGateway CRs point to the same Pod11.8. Troubleshooting Microgateway CNI Helm test11.9. Troubleshooting Microgateway Operator Helm test11.10. Troubleshooting for network routing issues in the application pod11.10.1. Network Validator sanity check11.11. HTTP protocol selection12. Reference documentation12.1. Airlock Microgateway API reference documentation12.2. Available metrics in Prometheus format12.3. Access log field reference12.4. License texts