πΌ [ES.3] Elasticsearch domains should encrypt data sent between nodes
- Contextual name: πΌ [ES.3] Elasticsearch domains should encrypt data sent between nodes
- ID:
/frameworks/aws-fsbp-v1.0.0/es/03 - Located in: πΌ Elasticsearch
Descriptionβ
HTTPS (TLS) can be used to help prevent potential attackers from eavesdropping on or manipulating network traffic using person-in-the-middle or similar attacks. Only encrypted connections over HTTPS (TLS) should be allowed. Enabling node-to-node encryption for Elasticsearch domains ensures that intra-cluster communications are encrypted in transit.
Similarβ
- AWS Security Hub
- Internal
- ID:
dec-c-dc5a5c95
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-4 Information Flow Enforcement | 32 | 60 | 73 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-7(4) Boundary Protection _ External Telecommunications Services | 18 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-8 Transmission Confidentiality and Integrity | 5 | 8 | 10 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-8(1) Transmission Confidentiality and Integrity _ Cryptographic Protection | 8 | 10 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-8(2) Transmission Confidentiality and Integrity _ Pre- and Post-transmission Handling | 2 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-13 Cryptographic Protection | 4 | 6 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-23 Session Authenticity | 5 | 2 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ SC-23(3) Session Authenticity _ Unique System-generated Session Identifiers | 2 | |||
| πΌ PCI DSS v4.0.1 β πΌ 4.2.1 Strong cryptography and security protocols are implemented to safeguard PAN during transmission over open, public networks. | 2 | 9 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|