infrastructure

Network segmentation implemented

Production networks segmented from corporate and development environments.

PassingHigh RiskSemi-Automated

Owner

Infrastructure Team

Last Tested

10/6/2025

Test Frequency

Continuous

Maturity Level

Level 4 / 5

Framework Mappings

SOC 2 Type II

CC6.1: Logical and Physical Access Controls

Evidence (4)

Unwanted traffic filtered

Verifies that all AWS EC2 instances have network ACLs or security groups attached.

READY FOR AUDIT

INFRASTRUCTURE•TEST

Firewall default disallows traffic

This test verifies that AWS firewall configurations (Security Groups and Network ACLs) default to denying inbound traffic, a behavior inherent to AWS infrastructure. It ensures that unless traffic is explicitly permitted, it will be blocked by default.

READY FOR AUDIT

INFRASTRUCTURE•TEST

VPC Flow Logs enabled

This test checks whether your AWS Virtual Private Clouds (VPCs) have VPC Flow Logs enabled for network traffic monitoring.

READY FOR AUDIT

LOGGING•TEST

Access Control Policy

To limit access to information and information processing systems, networks, and facilities to authorized parties in accordance with business objectives.

READY FOR AUDIT

Uncategorized•POLICY

Related Policies

No policies linked yet.

Control Information

Control ID: network-segmentation-implemented
Category: INFRASTRUCTURE
Family: infrastructure
Last Updated: 10/6/2025