Checks whether protection is enabled for all assets in Cloud Firewall.
Scenarios
Make sure that you have enabled protection for all public IP addresses in Cloud Firewall to protect cloud network security.
Risk level
Default risk level: high.
You can change the risk level as required when you apply this rule.
Compliance evaluation logic
- If protection is enabled for all assets in Cloud Firewall, the evaluation result is
compliant.
Note This rule applies only to Cloud Firewall of a paid edition. If you do not activate Cloud Firewall or use Cloud Firewall of a free edition, the evaluation result is compliant even if protection is disabled for an asset in Cloud Firewall.
- If protection is disabled for an asset in Cloud Firewall, the evaluation result is non-compliant. For more information about how to correct the non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | cloud-fire-wall-all-asset-open |
| Rule ID | cloud-fire-wall-all-asset-open |
| Tag | CloudFireWall |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Time interval | 24 hours |
| Supported resource type | None |
| Input parameter | None |
Non-compliance remediation
Enable the Internet firewall. For more information, see Internet firewall.