Network misconfigurations

ECS Instance uses classic network

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

AliCloud ECS instances use VPC networks by default, but used to be configured with classic networks. Legacy 'classic' networks have a single network IPv4 prefix range and a single gateway IP address for the whole network. With legacy networks, you cannot create subnetworks or switch from legacy to auto or custom subnet networks. Legacy networks can thus have an impact for high network traffic ECS instance and subject to the single point of failure. We have found that the ECS instance {AliCloudEcsInstance} is configured to use classic network.

  • Recommended Mitigation

    Network type cannot be changed after the instance is created. Delete or re-create the instance.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.