GCP Network Services

Overview
Critical
0
High
1
Medium
6
Low
2
Informational
0
Security issues (9)
Severity Non-Compliance Region Resource Issue Remediation Read more Action
Medium global my-loadbalancer-service Backend service has Cloud CDN disabled. To increase speed and reliability as well as lowers server costs, ensure that Cloud CDN is enabled on all load balancers. More info
Low global my-loadbalancer-service Backend service has no security policy attached. To control the traffic on the load balancer, such as deny or allow specified IP addresses, ensure that all backend services have an attached security policy. More info
Low global my-loadbalancer-service Backend service is not configured to log HTTP(S) traffic. To monitor and debug web traffic via logging data to Cloud Monitoring service, ensure that your load balancing backend services are configured to log HTTP(S) traffic. More info
High PCI DSS 4.2 HIPAA (Encryption) global my-loadbalancer2 Load balancer uses no valid SSL/TLS certificate. To fulfill HIPAA and PCI DSS requirements on strong cryptographic and security protocols for transmitting user data, ensure that your load balancers are configured to use valid SSL/TLS certificates. More info
Medium CIS 3.9 PCI DSS (Old Protocols) HIPAA (Encryption) global my-ssl-lb-target-proxy Target SSL proxy uses an SSL policy with insecure and/or deprecated ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, etc. To prevent usage of insecure or deprecated TLS features, ensure that SSL policies associated with your HTTPS and SSL Proxy load balancers are configured with the Minimum TLS version set to TLS 1.2. More info
Medium CIS 3.9 PCI DSS (Old Protocols) HIPAA (Encryption) global my-ssl-lb2-target-proxy Target SSL proxy uses the default SSL policy, which is considered deprecated and insecure, as it supports a minimum TLS version of TLS 1.0. To prevent usage of insecure or deprecated TLS features, ensure that SSL policies associated with your HTTPS and SSL Proxy load balancers are configured with the Minimum TLS version set to TLS 1.2. More info
Medium CIS 3.9 PCI DSS (Old Protocols) HIPAA (Encryption) global test-lb-https-target-proxy Target HTTPs proxy uses an SSL policy with insecure and/or deprecated ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, etc. To prevent usage of insecure or deprecated TLS features, ensure that SSL policies associated with your HTTPS and SSL Proxy load balancers are configured with the Minimum TLS version set to TLS 1.2. More info
Medium CIS 3.9 PCI DSS (Old Protocols) HIPAA (Encryption) global test-lb-https2-target-proxy Target HTTPs proxy uses an SSL policy with insecure and/or deprecated ciphers: TLS_RSA_WITH_3DES_EDE_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, etc. To prevent usage of insecure or deprecated TLS features, ensure that SSL policies associated with your HTTPS and SSL Proxy load balancers are configured with the Minimum TLS version set to TLS 1.2. More info
Medium global my-dns-zone Managed zone uses RSASHA1 algorithm for zone signing. To prevent DNS hijacking or man in the middle attacks, ensure that your DNS managed zones have DNSSEC security feature enabled and are not using the RSASHA1 algorithm for zone signing. More info
Load Balancers (2)
Load Balancer Deployed Backend Security issues
my-loadbalancer Backend Bucket: my-bucket-for-loadbalancer
my-loadbalancer2 Backend Service: my-loadbalancer-service 1 High (details)
Backend Services (1)
Backend Service Description Created Protocol Load balancer Security issues
my-loadbalancer-serviceMy load balancer service HTTPmy-loadbalancer2 1 Medium + 2 others (details)
Target Proxies (5)
Target Proxy Type Created Load balancer SSL Policy Security issues
my-ssl-lb-target-proxySSL Proxy new-ssl-policy 1 Medium (details)
my-ssl-lb2-target-proxySSL Proxy 1 Medium (details)
test-lb-https-target-proxyHTTPs Proxy test-lb-httpsglobal-ssl-policy 1 Medium (details)
test-lb-https2-target-proxyHTTPs Proxy my-loadbalancer-target-proxymy-ssl-policy 1 Medium (details)
test-http-proxy-target-proxyHTTP Proxy my-loadbalancer
DNS Policies (1)
DNS Policy Description Inbound In use by Security issues
my-dns-policyMy DNS PolicyOn4617855402854364160
DNS Zones (1)
DNS Zone DNS name Description Created Zone type Security issues
my-dns-zonemy-dns-zone.prevasio.io.My DNS zone Public 1 Medium (details)