How to resolve Sprinto check to protect Oracle Cloud Instance from direct internet access

About

Sprinto check: Compute instance should be protected from direct internet traffic

Protecting Oracle Cloud Compute Instances from direct public internet access is essential for enhancing security, reducing the attack surface, and mitigating potential cyber threats.

Purpose

The purpose of protecting Oracle Cloud Compute Instances from direct public internet access is to:

1. Enhance Security: Minimize the risk of unauthorized access, data breaches, and malicious attacks by restricting direct access to compute instances from the public internet.

2. Reduce Attack Surface: Limit exposure to potential security vulnerabilities and exploits by preventing direct communication between compute instances and external networks.

3. Compliance Requirements: Align with regulatory compliance requirements and industry standards by implementing robust security measures, including network access controls and segmentation, to protect compute instances from external threats.

How to resolve

Follow the below steps to restrict the public internet access of Oracle Cloud compute instance

Before you begin

• Ensure you have “Admin” access to the Oracle Cloud account where you wish to perform the following action.

Modifying internet access

1. Log in on Oracle Cloud using your credentials.

2. Navigate to Instance services.

3. Select the Instance for which you wish to restrict public internet access.

4. On Instance details page, select the Instance information tab and select the Subnet option under the Primary VNIC.

5. Select your current configured Security List.

6. Under Ingress Rules, ensure the Source is configured as 0.0.0.0/0 for port 22.

Once the alert is created, Sprinto retrieves the change from your integrated Oracle Cloud account on Sprinto and sets the assigned check status to "Passing."

If you need any assistance with the Sprinto check, please contact Sprinto Support.