diff --git a/ROADMAP.md b/ROADMAP.md index 66a0676096a..002523a5152 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -14,20 +14,15 @@ The following features are considered for the near future: * **Windows support improvements** Antrea [supports Windows K8s Node](docs/windows.md) since version 0.7.0. -However, a few features like network flow export are not supported for Windows -Node yet. We will continue to add more features for Windows, and improve Antrea -Agent and OVS installation on Windows Nodes. +However, a few features including: Egress, NodePortLocal, IPsec encryption are +not supported for Windows Node yet. We will continue to add more features for +Windows, and improve Antrea Agent and OVS installation on Windows Nodes. -* **IPv6 Pod network** -Support IPv6 and IPv4/IPv6 dual-stack for Pod network. Right now Antrea supports -only IPv4. - -* **Antrea NetworkPolicy** -Antrea has started adding support for [Antrea native NetworkPolicy](docs/antrea-network-policy.md) +* **Antrea NetworkPolicy enhancements** +Antrea added support for [Antrea-native policies](docs/antrea-network-policy.md) in addition to K8s NetworkPolicy since version 0.8.0. We already support -ClusterNetworkPolicy and tiering, and will continue to add more NetworkPolicy -extensions, like traffic logging, policy statistics, policy realization status, -more matching criteria and actions, and external endpoints. +Antrea (Namespace scoped) NetworkPolicy, ClusterNetworkPolicy, ClusterGroup, and +tiering, but will continue to add more advanced NetworkPolicy features. * **Network diagnostics and observability** Network diagnostics and observability is one area we want to focus on. Antrea 
@@ -35,7 +30,8 @@ already implements some useful features on this front, including [Octant UI plugin](docs/octant-plugin-installation.md), [CLI](docs/antctl.md), [Traceflow](docs/traceflow-guide.md), [network flow export and visualization](docs/network-flow-visibility.md), [Prometheus metrics](docs/prometheus-integration.md), [OVS flow dumping](docs/antctl.md#dumping-ovs-flows) -and [packet tracing](docs/antctl.md#ovs-packet-tracing). We will continue to +and [packet tracing](docs/antctl.md#ovs-packet-tracing), [NetworkPolicy +diagnostics](docs/antctl.md#networkpolicy-commands). We will continue to enhance existing features and add new features to help diagnose K8s networking and NetworkPolicy implementation, and to provide good visibility into the Antrea network. 
@@ -47,18 +43,32 @@ more IPAM strategies besides subnet per Node, like IP pool per Node or per Namespace. * **Egress policy** -Egress policy is to control the egress Nodes and SNAT IPs of traffic from Pods -to external network. For example, a user can request a dedicated SNAT IP per -Namespace, or for a particular set of Pods or Services. This feature is very -useful for services in the Node or external network to identify the source of -Pod traffic based on SNAT IP and enforce specific policies on the traffic. Also -check the [egress policy proposal](https://github.com/vmware-tanzu/antrea/issues/667) -to learn more. +Antrea released alpha support for [Egress](docs/feature-gates.md#egress) in +version 1.0.0. Users can choose a specific SNAT IP for a selected set of Pods +with an Egress CRD, and then the egress traffic from the Pods to external +network will be SNAT'd using the SNAT IP. This feature is very useful for +services in the Node or external network to identify the source of Pod traffic +based on SNAT IP and enforce specific policies on the traffic. However, the +Egress feature still has several major limitations which need to be addressed. +For example, today the SNAT IPs used in Egresses must be manually configured on +the Nodes, and there is no auto-failover of Egress Nodes. Also check the +[egress policy proposal](https://github.com/vmware-tanzu/antrea/issues/667) to +learn more. * **NFV and Telco use cases** -We plan to explore and provide support for NFV and Telco use cases. Will support -Multus integration, Pod interfaces on SRIOV devices, and Network Service -Chaining. +We plan to explore and provide support for NFV and Telco use cases. We will add +native Pod multi-interface support in Antrea, and support Pod interfaces on +SRIOV devices, OVS DPDK bridge, overlay network, and Network Service Chaining. 
+ +* **K8s Node security** +So far Antrea focuses on K8s Pod networking and security, but we would like to +extend Antrea-native NetworkPolicies to cover protection of K8s Nodes too. + +* **L7 security policy and visibility** +Enhance Antrea to provide application level security and visibility to K8s +workloads. This includes extending Antrea-native NetworkPolicies to support L7 / +application protocols (HTTP, DNS, etc.), and extending Antrea diagnostics and +observability features to get into application level visibility. * **NetworkPolicy scale and performance tests** Evaluate and benchmark the NetworkPolicy implementation performance at a large
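Review bot: In the first hunk (@@ -14,20 +14,15), the new Windows sentence "a few features including: Egress, NodePortLocal, IPsec encryption are not supported" has a stray colon and no conjunction. Suggest "a few features, including Egress, NodePortLocal, and IPsec encryption, are not supported for Windows Nodes yet". The same hunk replaces the concrete list of planned NetworkPolicy extensions (traffic logging, policy statistics, policy realization status, more matching criteria and actions, external endpoints) with "more advanced NetworkPolicy features", which no longer tells a reader what is planned. Consider keeping the items that are still outstanding. The IPv6 Pod network item is also removed without the roadmap saying whether it shipped.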
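Review bot: In the second hunk (@@ -35,7 +30,8), appending the NetworkPolicy diagnostics link after the existing "and [packet tracing]" leaves the conjunction in the wrong place, so the list now reads "... OVS flow dumping and packet tracing, NetworkPolicy diagnostics." Suggest moving "and" to the last element: "[OVS flow dumping](...), [packet tracing](...), and [NetworkPolicy diagnostics](docs/antctl.md#networkpolicy-commands)".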
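Review bot: In the third hunk (@@ -47,18 +43,32), the Egress item says there is "no auto-failover of Egress Nodes" but does not say what happens to egress traffic from the selected Pods when that Node is unavailable. The same paragraph presents the SNAT IP as what external services use to identify Pod traffic and enforce policy, so a sentence on that behaviour, or a link to where it is documented, would help readers who rely on it. The item title is still "Egress policy" although the text now describes the Egress CRD feature and its limitations. In the new L7 item, "to get into application level visibility" reads awkwardly, and "to provide application-level visibility" would be clearer. The K8s Node security item gives no indication of which Node traffic the extended policies would cover.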