diff --git a/controllers/runtimecomponent_controller.go b/controllers/runtimecomponent_controller.go
index 8c2e691c8..e7925704a 100644
--- a/controllers/runtimecomponent_controller.go
+++ b/controllers/runtimecomponent_controller.go
@@ -262,6 +262,24 @@ func (r *RuntimeComponentReconciler) Reconcile(ctx context.Context, req ctrl.Req
 
 		if isKnativeSupported {
 			reqLogger.Info("Knative is supported and Knative Service is enabled")
+
+			networkPolicy := &networkingv1.NetworkPolicy{ObjectMeta: defaultMeta}
+			if np := instance.Spec.NetworkPolicy; np == nil || np != nil && !np.IsDisabled() {
+				err = r.CreateOrUpdate(networkPolicy, instance, func() error {
+					appstacksutils.CustomizeNetworkPolicy(networkPolicy, r.IsOpenShift(), instance)
+					return nil
+				})
+				if err != nil {
+					reqLogger.Error(err, "Failed to reconcile network policy")
+					return r.ManageError(err, common.StatusConditionTypeReconciled, instance)
+				}
+			} else {
+				if err := r.DeleteResource(networkPolicy); err != nil {
+					reqLogger.Error(err, "Failed to delete network policy")
+					return r.ManageError(err, common.StatusConditionTypeReconciled, instance)
+				}
+			}
+
 			ksvc := &servingv1.Service{ObjectMeta: defaultMeta}
 			err = r.CreateOrUpdate(ksvc, instance, func() error {
 				appstacksutils.CustomizeKnativeService(ksvc, instance)
diff --git a/utils/utils.go b/utils/utils.go
index a2f5f8d4c..0b8dda060 100644
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -449,13 +449,22 @@ func createNetworkPolicyPeer(appName string, namespace string, networkPolicy com
 
 func customizeNetworkPolicyPorts(ingress *networkingv1.NetworkPolicyIngressRule, ba common.BaseComponent) {
 	var ports []int32
-	ports = append(ports, ba.GetService().GetPort())
+
 	for _, port := range ba.GetService().GetPorts() {
 		ports = append(ports, port.Port)
 	}
 
 	currentLen := len(ingress.Ports)
-	desiredLen := len(ba.GetService().GetPorts()) + 1 // Add one for normal port
+	desiredLen := len(ba.GetService().GetPorts())
+
+	if ba.GetCreateKnativeService() != nil && *ba.GetCreateKnativeService() {
+		knativeports := []int32{8012, 8013, 8112, 8022, 9090, 9091}
+		ports = append(ports, knativeports...)
+		desiredLen += len(knativeports)
+	} else {
+		ports = append(ports, ba.GetService().GetPort())
+		desiredLen += 1 // Add one for normal port
+	}
 
 	// Shrink if needed
 	if currentLen > desiredLen {