Network Policy - Korr
Purpose
This policy establishes requirements and guidelines for network security and access control within Korr's AWS infrastructure. It aims to ensure secure network configuration, proper segmentation, and controlled access to resources.
Scope
This policy applies to all network components and configurations within Korr's AWS environment, including VPCs, security groups, and network access controls.
Policy Owner
The DevOps/Security team owns this policy and is responsible for its maintenance and enforcement.
Network Security Requirements
VPC Security Groups
- Restrict inbound SSH access (port 22) to authorized IP ranges only
- Limit TCP and UDP access to required ports and authorized sources
- Document all security group rules and justifications
- Regular review and cleanup of unused rules
VPC Configuration
- Internet gateways must only be attached to authorized VPCs
- Proper subnet configuration for public/private resources
- Network ACLs to provide additional security controls
- Regular audit of network configurations
Network Access Control
- Elastic IPs must be associated with EC2 instances or ENIs
- Implement least privilege access principles
- Monitor and log all network traffic
- Regular review of network access patterns
Compliance Requirements
- Regular network security assessments
- Documentation of network controls
- Periodic review of security configurations
- Validation of compliance requirements
Network Monitoring
Traffic Monitoring
- AWS VPC Flow Logs enabled
- Regular review of network traffic patterns
- Alert on suspicious activities
- Documentation of monitoring procedures
Security Controls
- Regular testing of security controls
- Validation of access restrictions
- Audit of security group configurations
- Review of network segmentation
Documentation Requirements
- Network architecture diagrams
- Security group configurations
- Access control lists
- Monitoring and alert settings
- Incident response procedures
This policy will be reviewed annually and updated based on security requirements and industry best practices.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article