This rule ensures VPC security groups restrict ingress access on specified common ports to enhance security.
Rule | VPC security groups should restrict ingress access on ports 20, 21, 22, 3306, 3389, 4333 from 0.0.0.0/0 |
Framework | NIST 800-171 Revision 2 |
Severity | ✔ High |
Rule Description:
VPC security groups in the organization should not allow ingress on ports 20, 21, 22, 3306, 3389, or 4333 from 0.0.0.0/0, that is, from any IPv4 address. The rule supports compliance with NIST 800-171 Revision 2, which provides guidelines for protecting Controlled Unclassified Information (CUI) in non-federal systems and organizations.
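One way to check the condition this rule describes, as an added example that is not part of the original page or of any rule engine: it assumes AWS EC2 security groups in the shape of the `DescribeSecurityGroups` response and reports entries that open the listed ports to 0.0.0.0/0, including port ranges and all-traffic (`-1`) entries. The group IDs and sample rules are constructed, and counting only `tcp`, `udp` and `-1` entries as port-bearing is an assumption.

```python
# Input shape follows the EC2 DescribeSecurityGroups response (assumed: AWS).
RESTRICTED_PORTS = (20, 21, 22, 3306, 3389, 4333)  # ports listed in the rule
OPEN_CIDR = "0.0.0.0/0"


def exposed_ports(permission):
    """Return the restricted ports one IpPermissions entry opens to 0.0.0.0/0."""
    if not any(r.get("CidrIp") == OPEN_CIDR for r in permission.get("IpRanges", [])):
        return []
    protocol = permission.get("IpProtocol")
    if protocol == "-1":
        # "-1" means all protocols and all ports; FromPort/ToPort are absent.
        return list(RESTRICTED_PORTS)
    if protocol not in ("tcp", "udp"):
        # Assumption: only tcp/udp carry port numbers (icmp holds type/code).
        return []
    low, high = permission.get("FromPort"), permission.get("ToPort")
    if low is None or high is None:
        return []
    return [p for p in RESTRICTED_PORTS if low <= p <= high]


def find_violations(security_groups):
    """Return sorted (group_id, protocol, port) tuples, one per finding."""
    findings = set()
    for group in security_groups:
        for permission in group.get("IpPermissions", []):
            for port in exposed_ports(permission):
                findings.add((group["GroupId"], permission["IpProtocol"], port))
    return sorted(findings)


# Constructed sample data (not taken from a real account).
SAMPLE_GROUPS = [
    {"GroupId": "sg-example-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}]},
    {"GroupId": "sg-example-range", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 1024,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
    {"GroupId": "sg-example-all", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

if __name__ == "__main__":
    for group_id, protocol, port in find_violations(SAMPLE_GROUPS):
        print(f"{group_id}: {protocol} port {port} open to {OPEN_CIDR}")
```

The second and third sample groups show the cases a per-port comparison misses: a wide port range that contains ports 20 to 22, and an all-traffic entry that has no port fields at all.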
Troubleshooting Steps:
Necessary Code:
No specific code is required for this rule. Instead, the rule is enforced through configuration changes in the VPC security groups.
Remediation Steps:
Note: It is essential to ensure that the security groups still provide the required access for legitimate users while adhering to the ingress restriction policy.
Additional Notes: