Check: SRG-APP-000158-CTR-000390
Container Platform SRG:
SRG-APP-000158-CTR-000390
(in versions v2 r2 through v1 r0.1)
Title
The container platform must uniquely identify all network-connected nodes before establishing any connection. (Cat II impact)
Discussion
A container platform usually consists of multiple nodes. It is important for these nodes to be uniquely identified before a connection is allowed. Without identifying the nodes, unidentified or unknown nodes may be introduced, thereby facilitating malicious activity.
Check Content
Review the container platform configuration to determine if the container platform uniquely identifies all nodes before establishing a connection. If the container platform is not configured to uniquely identify all nodes before establishing the connection, this is a finding.
Fix Text
Configure the container platform to uniquely identify all nodes before establishing the connection.
Additional Identifiers
Rule ID: SV-233086r960999_rule
Vulnerability ID: V-233086
Group Title: SRG-APP-000158
CCIs
Number | Definition |
---|---|
CCI-000778 | Uniquely identify organization-defined devices and/or types of devices before establishing a local, remote, and/or network connection. |
Controls
Number | Title |
---|---|
IA-3 | Device Identification and Authentication |