Policy Network Security

Created by Venkat Pothamsetty, Modified on Sat, 11 Oct at 8:33 AM by Venkat Pothamsetty

Network Policy 

Purpose
This policy establishes requirements and guidelines for network security and access control within the organization’s cloud and IT infrastructure. It aims to ensure secure network configuration, proper segmentation, and controlled access to resources.

Scope
This policy applies to all network components and configurations within the organization’s cloud environment, including virtual networks, security groups, and network access controls.

Policy Owner
The DevOps/Security team owns this policy and is responsible for its maintenance and enforcement.


Network Security Requirements

Security Groups / Firewall Rules

  • Restrict inbound SSH (port 22) access to authorized IP ranges only.

  • Limit TCP and UDP access to required ports and authorized sources.

  • Document all security group/firewall rules and justifications.

  • Regular review and cleanup of unused rules.

Network Configuration

  • Internet gateways or equivalents must only be attached to authorized networks.

  • Proper subnet configuration for public/private resources.

  • Network ACLs/firewall rules to provide additional security controls.

  • Regular audit of network configurations.

Network Access Control

  • Public IP addresses must be associated only with approved compute instances or interfaces.

  • Implement least privilege access principles.

  • Monitor and log all network traffic.

  • Regular review of network access patterns.


Compliance Requirements

  • Regular network security assessments.

  • Documentation of network controls.

  • Periodic review of security configurations.

  • Validation of compliance requirements.


Network Monitoring

Traffic Monitoring

  • Network flow logs must be enabled.

  • Regular review of network traffic patterns.

  • Alerts must be configured for suspicious activities.

  • Documentation of monitoring procedures.

Security Controls

  • Regular testing of security controls.

  • Validation of access restrictions.

  • Audit of firewall/security group configurations.

  • Review of network segmentation.


Documentation Requirements

  • Network architecture diagrams.

  • Security group/firewall configurations.

  • Access control lists.

  • Monitoring and alert settings.

  • Incident response procedures.


Review Cycle
This policy will be reviewed annually and updated based on security requirements and industry best practices.
