Sprinto Dashboard

How to configure and resolve Sprinto workflow check for setting up firewall ruleset

A firewall serves as a protective barrier for your organization against potential threats from the public Internet. Establishing stringent firewall rules to manage matching criteria and control traffic effectively is advisable. Best practices dictate allowing only traffic that aligns with your organization's policy while denying all other traffic. This principle applies to both ingress (from the Internet to internal sources) and egress (from internal sources to the Internet) traffic. Implementing a least privileged security policy reduces the attack surface, thereby enhancing the effectiveness of the security compliance controls in place.

Sprinto's workflow check helps you collect evidence for maintaining a firewall ruleset that denies the access request by default to any of the hosted production resources. This collected evidence is later used for a compliance audit for your desired compliance framework.

Before You Begin

Log in on Sprinto as administrator.

Configuring workflow check

  1. Go to Security Hub > Workflow Checks.

  2. Click on Add Workflow Check.

  3. Locate Deny by default firewall ruleset should be set up on all production hosts in the workflow checklist, and click Enable.

  4. On the Add Workflow Check page, click Edit to adjust the check frequency and assign personnel or configure an evidence reviewer if necessary. Note: The default frequency for the workflow check is every twelve months. You can customize the frequency as per your requirements.

  5. Click Enable check.

Resolving Check

Once the check is activated, it will be in a "Due/Critical/Failing" status. To successfully pass the check, relevant evidence must be uploaded, and the status will be updated to "Passing."

Evidence: Upload a screen capture showcasing that the security groups have a deny by default rule set applied to the inbound and outbound internet traffic as necessary.

  • Log in to the Sprinto Admin portal and go to Security Hub > Workflow Checks > Active.

  • Select the Deny by default firewall ruleset should be set up on all production hosts check.

  • Click Upload Evidence.

  • Choose the Evidence Record Date and opt for either the File or Link attachment option.

    • File: Upload the file from your computer.

    • Link: If the evidence is stored online, provide the shareable link.

  • Click Finish.

Please contact Sprinto Support if you need any assistance with the workflow check.

Last updated