Back

Configure the "CNI" plugin to organizational standards.


CONTROL ID
14659
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure network protection settings to organizational standards., CC ID: 07601

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Ensure that the CNI in use supports Network Policies Description: There are a variety of CNI plugins available for Kubernetes. If the CNI in use does not support Network Policies it may not be possible to effectively restrict traffic in the cluster. Rationale: Kubernetes network policies are enforce… (5.3.1, The Center for Internet Security Kubernetes Level 1 Master Node Benchmark, v 1.6.0)
  • Ensure that the CNI in use supports Network Policies Description: There are a variety of CNI plugins available for Kubernetes. If the CNI in use does not support Network Policies it may not be possible to effectively restrict traffic in the cluster. Rationale: Kubernetes network policies are enforce… (5.3.1, The Center for Internet Security Kubernetes Level 2 Master Node Benchmark, v 1.6.0)