Skip to main content

Restrict administrative access

Summary

If the system has an administration mechanism, it must only be accessible from administrative network segments.

Description

Network access to modules or system management mechanisms must be limited to the parties that require access to them (administrators). Personnel that does not have administrative needs, tasks or obligations should not have access to these mechanisms. Following this recommendation helps to fulfill the objective of reducing the attack surface of the above mentioned systems (since malicious third parties cannot attempt to directly access the system administration settings), and increases the level of confidentiality and availability of the system.

Supported In

This requirement is verified in following services:

PlanSupported
Machine🔴
Squad🟢
One-Shot🟢

References

Vulnerabilities