Skip to main content

💼 [Opensearch.8] Connections to OpenSearch domains should be encrypted using the latest TLS security policy

  • Contextual name: 💼 [Opensearch.8] Connections to OpenSearch domains should be encrypted using the latest TLS security policy

  • ID: /frameworks/aws-fsbp-v1.0.0/opensearch/08

  • Located in: 💼 OpenSearch

Description​

HTTPS (TLS) can be used to help prevent potential attackers from using person-in-the-middle or similar attacks to eavesdrop on or manipulate network traffic. Only encrypted connections over HTTPS (TLS) should be allowed. Encrypting data in transit can affect performance. You should test your application with this feature to understand the performance profile and the impact of TLS. TLS 1.2 provides several security enhancements over previous versions of TLS.

Similar​

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
💼 NIST SP 800-53 Revision 5 → 💼 AC-4 Information Flow Enforcement326889
💼 NIST SP 800-53 Revision 5 → 💼 AC-17(2) Remote Access _ Protection of Confidentiality and Integrity Using Encryption1217
💼 NIST SP 800-53 Revision 5 → 💼 IA-5(1) Authenticator Management _ Password-based Authentication8
💼 NIST SP 800-53 Revision 5 → 💼 SC-7(4) Boundary Protection _ External Telecommunications Services28
💼 NIST SP 800-53 Revision 5 → 💼 SC-8 Transmission Confidentiality and Integrity5816
💼 NIST SP 800-53 Revision 5 → 💼 SC-8(1) Transmission Confidentiality and Integrity _ Cryptographic Protection815
💼 NIST SP 800-53 Revision 5 → 💼 SC-8(2) Transmission Confidentiality and Integrity _ Pre- and Post-transmission Handling7
💼 NIST SP 800-53 Revision 5 → 💼 SC-12(3) Cryptographic Key Establishment and Management _ Asymmetric Keys6
💼 NIST SP 800-53 Revision 5 → 💼 SC-13 Cryptographic Protection413
💼 NIST SP 800-53 Revision 5 → 💼 SC-23 Session Authenticity57
💼 NIST SP 800-53 Revision 5 → 💼 SC-23(3) Session Authenticity _ Unique System-generated Session Identifiers6
💼 NIST SP 800-53 Revision 5 → 💼 SI-7(6) Software, Firmware, and Information Integrity _ Cryptographic Protection12

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags