💼 4.11 Ensure Network Access Control Lists (NACL) changes are monitored - Level 2 (Manual)
- ID:
/frameworks/cis-aws-v2.0.0/04/11
Description
Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs, or an external Security information and event management (SIEM) environment, and establishing corresponding metric filters and alarms. NACLs are used as a stateless packet filter to control ingress and egress traffic for subnets within a VPC. It is recommended that a metric filter and alarm be established for changes made to NACLs.
Similar
- Sections
/frameworks/cis-aws-v3.0.0/04/11/frameworks/cis-aws-v1.5.0/04/11
- Internal
- ID:
dec-c-8d77eaf1
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v1.5.0 → 💼 4.11 Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL) - Level 2 (Automated) | 1 | no data | |||
| 💼 CIS AWS v3.0.0 → 💼 4.11 Ensure Network Access Control Lists (NACL) changes are monitored - Level 2 (Manual) | 1 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 CIS AWS v1.5.0 → 💼 4.11 Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL) - Level 2 (Automated) | 1 | no data | |||
| 💼 CIS AWS v3.0.0 → 💼 4.11 Ensure Network Access Control Lists (NACL) changes are monitored - Level 2 (Manual) | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS CloudTrail Network Access Control Lists Changes Monitoring is not enabled🟢⚪ | 🟢 x2, ⚪ x1 | no data |