Network and Configuration Hardening

Network Hardening

Virtual Private Cloud (VPC)

By running ESS inside a VPC, you can ensure that all communication within the VPC is securely separated from external traffic.

  • Public subnets are gated by security groups and should only be able to accept traffic on ports 80 and 443.

  • To allow components in the private subnets to connect outside of the VPC, use a NAT gateway.

Configuration Hardening