CSCv7|14.1

Title

Segment the Network Based on Sensitivity

Description

Segment the network based on the label or classification level of the information stored on the servers; locate all sensitive information on separated Virtual Local Area Networks (VLANs).

Reference Item Details

Category: Controlled Access Based on the Need to Know

Audit Items

Name | Plugin | Audit Name
1.6.3 Create network segmentation using Network Policies | Unix | CIS Kubernetes 1.13 Benchmark v1.4.1 L2
2.3.10.6 (L1) Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
2.3.10.6 Configure 'Network access: Named Pipes that can be accessed anonymously' (DC only) | Windows | CIS Microsoft Windows Server 2008 Domain Controller Level 1 v3.3.0
2.3.10.6 Ensure 'Network access: Named Pipes that can be accessed anonymously' is set to 'None' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1
2.3.10.7 Configure 'Network access: Named Pipes that can be accessed anonymously' (MS only) | Windows | CIS Microsoft Windows Server 2008 Member Server Level 1 v3.3.0
3.10 Ensure Private Endpoints are used to access Storage Accounts | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L1
4.3.2 Ensure that all Namespaces have Network Policies defined | GCP | CIS Google Kubernetes Engine (GKE) v1.5.0 L2
4.5.1 Ensure That 'Firewalls & Networks' Is Limited to Use Selected Networks Instead of All Networks | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L2
4.5.2 Ensure That Private Endpoints Are Used Where Possible | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L2
5.2.3 Minimize the admission of containers wishing to share the host IPC namespace | Unix | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
5.2.4 Minimize the admission of containers wishing to share the host IPC namespace | Unix | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
5.2.4 Minimize the admission of containers wishing to share the host IPC namespace | Unix | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
5.2.4 Minimize the admission of containers wishing to share the host IPC namespace | Unix | CIS Kubernetes Benchmark v1.8.0 L1 Master
5.2.4 Minimize the admission of containers wishing to share the host network namespace | Unix | CIS Kubernetes v1.20 Benchmark v1.0.1 L1 Master
5.2.4 Minimize the admission of containers wishing to share the host network namespace | OpenShift | CIS RedHat OpenShift Container Platform 4 v1.5.0 L1
5.2.5 Minimize the admission of containers wishing to share the host network namespace | Unix | CIS Kubernetes Benchmark v1.8.0 L1 Master
5.2.5 Minimize the admission of containers wishing to share the host network namespace | Unix | CIS Kubernetes v1.24 Benchmark v1.0.0 L1 Master
5.2.5 Minimize the admission of containers wishing to share the host network namespace | Unix | CIS Kubernetes v1.23 Benchmark v1.0.1 L1 Master
5.6.2 Ensure use of VPC-native clusters | GCP | CIS Google Kubernetes Engine (GKE) v1.5.0 L1
5.16 Ensure that the host's process namespace is not shared | Unix | CIS Docker v1.6.0 L1 Docker Linux
5.17 Ensure that the host's IPC namespace is not shared | Unix | CIS Docker v1.6.0 L1 Docker Linux
5.21 Ensure that the host's UTS namespace is not shared | Unix | CIS Docker v1.6.0 L1 Docker Linux
5.31 Ensure that the host's user namespaces are not shared | Unix | CIS Docker v1.6.0 L1 Docker Linux
6.3 Ensure storage area network (SAN) resources are segregated properly | VMware | CIS VMware ESXi 7.0 v1.3.0 Level 1
6.3 Ensure storage area network (SAN) resources are segregated properly | VMware | CIS VMware ESXi 6.7 v1.3.0 Level 1
6.3 Ensure storage area network (SAN) resources are segregated properly | VMware | CIS VMware ESXi 6.5 v1.0.0 Level 1
7.9 Ensure that management plane traffic is separated from data plane traffic | Unix | CIS Docker v1.6.0 L1 Docker Swarm
8.7 Ensure that Private Endpoints are Used for Azure Key Vault | microsoft_azure | CIS Microsoft Azure Foundations v2.0.0 L2
18.9.35.1 (L1) Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1 Bitlocker
18.9.35.1 Ensure 'Prevent the computer from joining a homegroup' is set to 'Enabled' | Windows | CIS Microsoft Windows 8.1 v2.4.1 L1