Medium
EC2
Regional
EC2 network interfaces should have source/destination checking enabled
FSBP
Description
This control checks whether source/destination checking is enabled for an Amazon EC2 elastic network interface (ENI) that's managed by users. The control fails if source/destination checking is disabled for the user-managed ENI. This control checks only the following types of ENIs: aws_codestar_connections_managed, branch, efa, interface, lambda, and quicksight.
Remediation
To enable source/destination checking for EC2 network interfaces, you need to modify the network interface settings.
Steps
- Open the Amazon EC2 console
- Navigate to Network Interfaces
- Select the network interface you want to modify
- Click 'Actions' and select 'Modify attribute'
- Enable 'Source/destination checking'
- Save the changes to enable source/destination checking
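An added example (not part of the original control documentation): the control's pass/fail logic applied to `aws ec2 describe-network-interfaces` output, plus the AWS CLI equivalent of the console steps for each failing ENI. The sample ENI IDs are constructed, and treating `RequesterManaged: false` as "managed by users" is an assumption.

```python
import json

# ENI types the control evaluates, as listed in the description above.
IN_SCOPE_TYPES = {
    "aws_codestar_connections_managed", "branch", "efa",
    "interface", "lambda", "quicksight",
}

def evaluate_enis(describe_output):
    """Return (eni_id, status) pairs; status is PASSED, FAILED or NOT_EVALUATED."""
    results = []
    for eni in describe_output.get("NetworkInterfaces", []):
        eni_id = eni["NetworkInterfaceId"]
        # Assumption: "managed by users" is approximated by RequesterManaged == False.
        user_managed = not eni.get("RequesterManaged", False)
        if eni.get("InterfaceType") not in IN_SCOPE_TYPES or not user_managed:
            status = "NOT_EVALUATED"
        elif eni.get("SourceDestCheck") is False:
            status = "FAILED"
        else:
            status = "PASSED"
        results.append((eni_id, status))
    return results

def remediation_commands(results):
    """CLI equivalent of the console steps, one command per failing ENI."""
    return [
        "aws ec2 modify-network-interface-attribute "
        f"--network-interface-id {eni_id} --source-dest-check"
        for eni_id, status in results if status == "FAILED"
    ]

# Constructed sample in the shape of `aws ec2 describe-network-interfaces` output.
SAMPLE = json.loads("""
{"NetworkInterfaces": [
  {"NetworkInterfaceId": "eni-0aaa", "InterfaceType": "interface",
   "SourceDestCheck": true, "RequesterManaged": false},
  {"NetworkInterfaceId": "eni-0bbb", "InterfaceType": "interface",
   "SourceDestCheck": false, "RequesterManaged": false},
  {"NetworkInterfaceId": "eni-0ccc", "InterfaceType": "nat_gateway",
   "SourceDestCheck": false, "RequesterManaged": true},
  {"NetworkInterfaceId": "eni-0ddd", "InterfaceType": "efa",
   "SourceDestCheck": false, "RequesterManaged": false}
]}
""")

if __name__ == "__main__":
    findings = evaluate_enis(SAMPLE)
    for eni_id, status in findings:
        print(eni_id, status)
    print("\n".join(remediation_commands(findings)))
```

Review each failing ENI before running the command: instances that forward traffic, such as NAT or routing appliances, require the check to be disabled.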
Compliance
FSBP