Medium ELB Regional

Application Load Balancer and Network Load Balancer listeners should use recommended security policies

NIST 800-53

Description

This control checks whether the HTTPS listener for an Application Load Balancer or the TLS listener for a Network Load Balancer is configured to encrypt data in transit by using a recommended security policy. The control fails if the HTTPS or TLS listener for a load balancer isn't configured to use a recommended security policy.


Remediation

To configure a recommended security policy for your load balancer listeners, update the security policy (the SSL/TLS policy setting) on each HTTPS or TLS listener.

Steps

  1. Navigate to the Amazon EC2 console
  2. Go to 'Load Balancers' and select your load balancer
  3. Select the listener you want to configure
  4. Choose 'Edit' and go to 'Security policy'
  5. Select one of the recommended security policies
  6. Save the changes to apply the new security policy
  7. Verify that the listener is using the recommended policy
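
The check in steps 5 to 7 can also be scripted. The following is an added example, not part of the original page: it evaluates listeners in the JSON shape returned by `aws elbv2 describe-listeners` and prints the `aws elbv2 modify-listener` command for each failing listener. The allowlist, the target policy and the sample listeners are assumptions, since the page does not enumerate the recommended policies.

```python
import json

# Assumption: this allowlist stands in for the "recommended security policies";
# the page does not enumerate them, so substitute the list your control uses.
RECOMMENDED = {
    "ELBSecurityPolicy-TLS13-1-2-2021-06",
    "ELBSecurityPolicy-TLS13-1-3-2021-06",
}
TARGET_POLICY = "ELBSecurityPolicy-TLS13-1-2-2021-06"  # assumed remediation target

# Constructed sample in the shape of `aws elbv2 describe-listeners` output.
ARN = "arn:aws:elasticloadbalancing:us-east-1:111122223333:listener/"
SAMPLE = json.dumps({"Listeners": [
    {"ListenerArn": ARN + "app/web/0a1b/1111", "Protocol": "HTTPS",
     "Port": 443, "SslPolicy": "ELBSecurityPolicy-2016-08"},
    {"ListenerArn": ARN + "net/edge/2c3d/2222", "Protocol": "TLS",
     "Port": 853, "SslPolicy": "ELBSecurityPolicy-TLS13-1-2-2021-06"},
    {"ListenerArn": ARN + "app/web/0a1b/3333", "Protocol": "HTTP", "Port": 80},
]})


def evaluate(describe_listeners_json):
    """Return (findings, commands) for the listeners in a describe-listeners document."""
    findings, commands = [], []
    for listener in json.loads(describe_listeners_json).get("Listeners", []):
        arn = listener["ListenerArn"]
        # Only HTTPS (ALB) and TLS (NLB) listeners carry a security policy.
        if listener.get("Protocol") not in ("HTTPS", "TLS"):
            findings.append((arn, "NOT_APPLICABLE", None))
            continue
        policy = listener.get("SslPolicy")  # a missing policy counts as a failure
        if policy in RECOMMENDED:
            findings.append((arn, "PASSED", policy))
            continue
        findings.append((arn, "FAILED", policy))
        commands.append(
            f"aws elbv2 modify-listener --listener-arn {arn} --ssl-policy {TARGET_POLICY}"
        )
    return findings, commands


if __name__ == "__main__":
    results, fixes = evaluate(SAMPLE)
    for arn, status, policy in results:
        print(f"{status:15} {policy or '-':40} {arn}")
    print("\n".join(fixes))
```

Feed it the real output of `aws elbv2 describe-listeners --load-balancer-arn <your-load-balancer-arn>` in place of the sample, and re-run it after applying the changes to confirm every HTTPS and TLS listener passes.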

Compliance

NIST 800-53