ORIGINAL:
ONAP MUST support the ability to prohibit remote access to ONAP via a host based security mechanism.

MODIFIED, two requirements:
1) ONAP MUST define all the access points.
2) ONAP MUST enforce authorization on all the access points, and/or give recommendations for the ONAP deployment to enforce in the Kubernetes platform and Rancher.
Access points include but are not limited to: the native ONAP GUIs, all ONAP APIs.

.....................
Info: This should become part of milestone (M3 probably) checklist: ONAP MUST define all the access points.