Skip to main content

Netskope Help

Appendix: Fixed Issue 134322

The following rules have been changed for the AWS BPR Predefined Profile.

Rule	Description
Ensure EC2 Instance does not have open DNS port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for DNS Port 53.
Ensure EC2 Instance does not have open MongoDB port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for MongoDB Port 27019.
Ensure EC2 Instance does not have open MySQL port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for MySQL Port 3306.
Ensure EC2 Instance does not have open SQL Server port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for SQL Server Port 1433.
Ensure EC2 Instance does not have open NFS port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for NFS Ports 2049 and 111.
Ensure EC2 Instance does not have open OracleDb port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for OracleDb Port 1521.
Ensure EC2 Instance does not have open PostgreSQL port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for PostgreSQL Port 5432.
Ensure EC2 Instance does not have open RDP port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for RDP Port 3389.
Ensure EC2 Instance does not have open SMTP port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for SMTP Port 25.
Ensure EC2 Instance does not have open SSH port	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for SSH Port 22.
Ensure EC2 Instance does not have open TCP ports	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for TCP Ports 22, 80, 443, 1433, 1521, 3306, 3389, 5432, 27017, 27018, 27019.
Ensure EC2 Instance does not have open UDP ports	The above CSA rule has been modified to Alert only on EC2 instances having Security Group Inbound Rules open to Public Internet IP’s for UDP Ports 22, 80, 443, 1433, 1521, 3306, 3389, 5432, 27017, 27018, 27019.

In this section:

Would you like to provide feedback? Just click here to suggest edits.