Information
Many organizations consider layered security to be a best practice for protecting network infrastructure. In the cloud, you can combine Amazon VPC and implicit firewall rules at the hypervisor layer with network access control lists, security groups, host-based firewalls, and IDS/IPS systems to create a layered solution for network security.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
Examples of inline threat protection technologies include the following:
- Third-party firewall devices installed on Amazon EC2 instances (also known as soft blades)
- Unified threat management (UTM) gateways
- Intrusion prevention systems
- Data loss management gateways
- Anomaly detection gateways
- Advanced persistent threat detection gateways
Item Details
Category: PROGRAM MANAGEMENT
References: 800-53|PM-1, 800-53|PM-2, 800-53|PM-3, 800-53|PM-4, 800-53|PM-5, 800-53|PM-6, 800-53|PM-7, 800-53|PM-8, 800-53|PM-9, 800-53|PM-10, 800-53|PM-11
Control ID: 362ee3d20116ec1ecd1559595d3099b3853d9694590eea6507935e29cbb28bf5