Skip to main content

💼 4.11 Ensure Network Access Control List (NACL) changes are monitored (Manual)

Contextual name: 💼 4.11 Ensure Network Access Control List (NACL) changes are monitored (Manual)
ID: /frameworks/cis-aws-v4.0.1/04/11
Located in: 💼 4 Monitoring

Description

Real-time monitoring of API calls can be achieved by directing CloudTrail Logs to CloudWatch Logs or an external Security Information and Event Management (SIEM) environment, and establishing corresponding metric filters and alarms.

NACLs are used as a stateless packet filter to control ingress and egress traffic for subnets within a VPC. It is recommended that a metric filter and alarm be established for any changes made to NACLs.

Similar

Sections
- /frameworks/cis-aws-v5.0.0/04/11
- /frameworks/cis-aws-v4.0.0/04/11

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v4.0.0 → 💼 4.11 Ensure Network Access Control List (NACL) changes are monitored (Manual)			1
💼 CIS AWS v5.0.0 → 💼 4.11 Ensure Network Access Control List (NACL) changes are monitored (Manual)			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v4.0.0 → 💼 4.11 Ensure Network Access Control List (NACL) changes are monitored (Manual)			1
💼 CIS AWS v5.0.0 → 💼 4.11 Ensure Network Access Control List (NACL) changes are monitored (Manual)			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS CloudTrail Network Access Control Lists Changes Monitoring is not enabled 🟢		🟢 x3

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (1)