Amazon Web Services (AWS) EC2 security groups are essentially inbound firewalls: stateful, instance-level filters that decide which incoming traffic is allowed to reach an instance (security groups in a VPC also carry outbound rules).
With the correct set-up and use of security groups you determine exactly what incoming traffic is permitted to access your EC2 instances, by protocol, port range and source.
When you create your AWS account, a “default” security group is created in each region. It is recommended to create your own security groups with ingress rules that are specific to your application rather than relying on the default group.
For example, in a three-tier environment composed of a web tier, an application tier and a database tier, it is best practice to restrict network access to the application and database tiers so that each is reachable only from the tier in front of it, never directly from the Internet.
Newvem’s security insights are based on industry standards and best practices: they continuously monitor your security groups for exposures and advise on optimal and secure security group use.
Large range of open ports
Newvem will assess your security groups across all regions and alert on misconfigurations, identifying unnecessary ports open to the public. For example, in your web tier you should only allow everyone to reach HTTP (80) and HTTPS (443), the ports the application is served on; wide port ranges or unrelated services open to 0.0.0.0/0 are flagged.
Critical IP ports exposed
Your security group configurations should not allow public access to ports that are considered sensitive or critical, i.e. ports where public reachability could lead to compromise of the instance: administrative ports such as SSH (22) and RDP (3389), database ports such as MySQL (3306), PostgreSQL (5432) and SQL Server (1433), and the like.
Newvem notifies customers in these cases, advising them to re-configure the security groups according to best practices (restricting such ports to known source groups or addresses) and thereby lock down the servers and access to them.
Ports open to all internal AWS traffic and servers
To allow access between internal servers, it is advisable to explicitly allow access from other security groups (referencing them by group name or ID) and to avoid rules based on internal IP addresses, which may change dynamically. A rule that allows a whole internal range such as 10.0.0.0/8 lets any instance in that range reach the port, including instances that should never talk to it. Newvem monitors and alerts on security groups configured to allow access from a large range of internal AWS IP addresses, as this exposes the application to unnecessary risk.
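To make the three insights above concrete (large open port ranges, critical ports exposed to the public, and ports open to broad internal ranges), together with the three-tier layout recommended earlier, here is an added example in Python. It is not Newvem's code or any AWS tooling; it audits ingress rules in the same JSON shape that `aws ec2 describe-security-groups` (or boto3's `describe_security_groups()`) returns, so it can be pointed at a real dump, but the sample groups, the group IDs and the thresholds (1024 ports, /24) below are constructed for illustration.

```python
"""Audit EC2 security-group ingress rules for three misconfiguration classes:
large open port ranges, critical ports reachable from 0.0.0.0/0, and ports
open to broad internal (RFC 1918) ranges. Added example, not Newvem's code.
Input is in the shape of `aws ec2 describe-security-groups` output."""
import ipaddress

# Assumed thresholds (not from the page): a rule spanning more than this many
# ports is "large"; an RFC 1918 source wider than a /24 is "broad internal".
LARGE_PORT_RANGE = 1024
BROAD_INTERNAL_PREFIX = 24

# Ports whose public exposure is treated as critical (admin and database ports).
CRITICAL_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL",
                  1433: "MSSQL", 27017: "MongoDB", 6379: "Redis"}


def _port_span(perm):
    """Return the (from, to) port span a permission covers, or None for
    protocols without port semantics (e.g. ICMP). IpProtocol "-1" means all."""
    proto = perm.get("IpProtocol")
    if proto == "-1":
        return 0, 65535
    if proto not in ("tcp", "udp"):
        return None
    return perm.get("FromPort", 0), perm.get("ToPort", 65535)


def audit_group(group):
    """Return a list of (rule_class, detail) findings for one security group.
    Rules whose source is another security group (UserIdGroupPairs) are the
    recommended pattern and produce no finding; only CIDR sources are checked."""
    findings = []
    for perm in group.get("IpPermissions", []):
        span = _port_span(perm)
        if span is None:
            continue
        lo, hi = span
        for rng in perm.get("IpRanges", []):
            cidr = rng["CidrIp"]
            net = ipaddress.ip_network(cidr, strict=False)
            if hi - lo + 1 > LARGE_PORT_RANGE:
                findings.append(("large_port_range", f"{lo}-{hi} from {cidr}"))
            if cidr == "0.0.0.0/0":
                for port, name in CRITICAL_PORTS.items():
                    if lo <= port <= hi:
                        findings.append(("critical_port_public",
                                         f"{name} ({port}) from {cidr}"))
            elif net.is_private and net.prefixlen < BROAD_INTERNAL_PREFIX:
                findings.append(("broad_internal_source", f"{lo}-{hi} from {cidr}"))
    return findings


def audit(groups):
    """Map GroupId -> findings for every group that has at least one finding."""
    result = {}
    for g in groups:
        found = audit_group(g)
        if found:
            result[g["GroupId"]] = found
    return result


# Constructed sample (hypothetical group IDs): the weak layout exposes SSH and
# MySQL publicly and opens every port of the app tier to all of 10.0.0.0/8.
WEAK_GROUPS = [
    {"GroupId": "sg-web-weak", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
    {"GroupId": "sg-app-weak", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 0, "ToPort": 65535, "IpRanges": [{"CidrIp": "10.0.0.0/8"}]},
    ]},
    {"GroupId": "sg-db-weak", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
]

# Corrected three-tier layout: only the web tier is public on 80/443, and each
# inner tier admits traffic solely from the group in front of it, not from CIDRs.
HARDENED_GROUPS = [
    {"GroupId": "sg-web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ]},
    {"GroupId": "sg-app", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080, "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-web"}]},
    ]},
    {"GroupId": "sg-db", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306, "IpRanges": [],
         "UserIdGroupPairs": [{"GroupId": "sg-app"}]},
    ]},
]

if __name__ == "__main__":
    for gid, found in audit(WEAK_GROUPS).items():
        for cls, detail in found:
            print(f"{gid}: {cls}: {detail}")
    print("hardened layout findings:", audit(HARDENED_GROUPS))
```

Running the audit over the weak layout reports the public SSH and MySQL ports and both the large port range and the broad 10.0.0.0/8 source on the app tier; the hardened layout produces no findings because its inner tiers reference security groups instead of address ranges. To use it on a live account, feed it the `SecurityGroups` list from `aws ec2 describe-security-groups --output json` for each region.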
To receive Newvem cost insights tailored to you, join us (get started for free).