Create Network Boundaries between Functional Different Nodes

An XCCDF Rule

Details
Profiles
Prose

Description

Use different Networks for Control Plane, Worker and Individual Application Services.

Rationale

Separation on a Network level might help to hinder lateral movement of an attacker and subsequently reduce the impact of an attack. It might also enable you to provide additional external network control (like firewalls).

ID: xccdf_org.ssgproject.content_rule_general_network_separation
Severity: Medium
References: APP.4.4.A7 SYS.1.6.A3 SYS.1.6.A5

CCE-86851-3
Updated: 5 days ago