Need to align to UK TSR(Telecoms Security Requirements) #12892
sriharshabm
started this conversation in
General
Replies: 3 comments
-
i would like to contribute. |
Beta Was this translation helpful? Give feedback.
0 replies
-
Prometheus as an open source project cannot comply with all security requirements that are specific to particular deployment scenarios. However, an external guide with recommendations such as how to configure TLS (e.g. using |
Beta Was this translation helpful? Give feedback.
0 replies
-
You also une scheme: https combined with follow_redirect: false in your scrape configs |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Proposal
V.H.1: Product hardening
The product can be easily hardened into a secure configuration. Documentation exists to help customers perform this hardening process.Alerts are created should the device be taken out of the hardened state.
V.H.5: No unencrypted protocols
Secure protocols are used whenever possible (e.g. SSH and HTTPS). If an unencrypted protocol is enabled, and a secure alternative exists, the product warns the administrator, and provides the option to create a security alert.
Reference: https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/1120531/E02781980_Telecommunications_Security_CoP_Accessible.pdf
Aligning to these requrements are mandatory to deploy any telecom solution in UK
Beta Was this translation helpful? Give feedback.
All reactions