STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide

V-253526

CAT I (High)

Prisma Cloud Compute Cloud Native Network Firewall (CNNF) automatically monitors layer 4 (TCP) intercontainer communications. Enforcement policies must be created.

Rule ID

SV-253526r1137642_rule

STIG

Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide

Version

V2R3

CCIs

CCI-000381CCI-001414

Discussion

Network segmentation and compartmentalization are important parts of a comprehensive defense-in-depth strategy. CNNF works as an east-west firewall for containers. It limits damage by preventing attackers from moving laterally through the environment when they have already compromised the perimeter. Satisfies: SRG-APP-000039-CTR-000110, SRG-APP-000384-CTR-000915

Check Content

Navigate to Prisma Cloud Compute Console's >> Radars >> Settings. 

If Container network monitoring is disabled, this is a finding.

If Host network monitoring is disabled, this is a finding.

Fix Text

Navigate to Prisma Cloud Compute Console's >> Radars >> Settings. 

Set Container network monitoring to "enabled".

Set Host network monitoring to "enabled".