💼 [ES.3] Elasticsearch domains should encrypt data sent between nodes
- Contextual name: 💼 [ES.3] Elasticsearch domains should encrypt data sent between nodes
- ID:
/frameworks/aws-fsbp-v1.0.0/es/03 - Located in: 💼 Elasticsearch
Description​
HTTPS (TLS) can be used to help prevent potential attackers from eavesdropping on or manipulating network traffic using person-in-the-middle or similar attacks. Only encrypted connections over HTTPS (TLS) should be allowed. Enabling node-to-node encryption for Elasticsearch domains ensures that intra-cluster communications are encrypted in transit.
Similar​
- AWS Security Hub
- Internal
- ID:
dec-c-dc5a5c95
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-4 Information Flow Enforcement | 32 | 68 | 89 | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-7(4) Boundary Protection _ External Telecommunications Services | 28 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-8 Transmission Confidentiality and Integrity | 5 | 8 | 16 | |
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-8(1) Transmission Confidentiality and Integrity _ Cryptographic Protection | 8 | 15 | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-8(2) Transmission Confidentiality and Integrity _ Pre- and Post-transmission Handling | 7 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-13 Cryptographic Protection | 4 | 13 | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-23 Session Authenticity | 5 | 7 | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 SC-23(3) Session Authenticity _ Unique System-generated Session Identifiers | 6 | |||
| 💼 PCI DSS v4.0.1 → 💼 4.2.1 Strong cryptography and security protocols are implemented to safeguard PAN during transmission over open, public networks. | 2 | 21 |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|