3c19f00a7f
This patch adds the right tags to each piece of metadata and corrects small errors found in the deployer notes. Closes-bug: 1595669 Change-Id: Ic04aaad85ebf111be5a0bdb01a350442fdea1433
461 B
461 B
---id: V-38512 status: exception tag: network ---
Although a minimal set of iptables rules are configured on openstack-ansible hosts, the "deny all" requirement of the STIG is not met. This is largely left up to the deployer to do, based on their assessment of their own network segmentation.
Deployers are urged to review the network access controls that are applied on the network devices between their OpenStack environment and the rest of their network.