Hardening Event Broker Services

The event broker services are created with default settings that make development and testing easy. These defaults are convenient during development, but there are a few settings we recommend you evaluate to ensure they align with your organization's security policies.


Limit Client Access to event broker services

Disable every protocol that your applications do not use, and enable only the protocols your services actually need. This limits the integration points exposed on your messaging plane.


By default, an event broker service uses basic authentication. A service can be configured to use one or more authentication schemes. We recommend that you use a more robust authentication scheme or, at a minimum, the authentication schemes specified by your organization's security policies.
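The following Python audit is an added example, not code from this page or from the broker vendor's tooling. It applies both recommendations above to a constructed service description: it flags enabled listeners that are not on an allow-list, flags allowed listeners that still accept plaintext, and reports when none of the authentication schemes the policy considers acceptable is enabled. The listener names, configuration keys, scheme names and "default" values are assumptions made for the example and do not describe any real product's API or defaults.

```python
"""Audit a broker service description against a listener allow-list and an
authentication policy, then disable the listeners the allow-list excludes."""
from copy import deepcopy
from dataclasses import dataclass

# Constructed service description (an assumption for this example, not a real
# product's API or default values). The "freshly created" service enables every
# listener and relies on basic authentication only.
DEFAULT_SERVICE = {
    "name": "dev-service",
    "listeners": {
        "smf":       {"enabled": True, "tls": False},
        "smf-tls":   {"enabled": True, "tls": True},
        "mqtt":      {"enabled": True, "tls": False},
        "mqtt-tls":  {"enabled": True, "tls": True},
        "amqp":      {"enabled": True, "tls": False},
        "rest":      {"enabled": True, "tls": False},
        "websocket": {"enabled": True, "tls": False},
    },
    "authentication": {"schemes": ["basic"]},
}


@dataclass(frozen=True)
class Policy:
    allowed_listeners: frozenset   # the only integration points the apps need
    acceptable_auth: frozenset     # schemes the security policy considers robust
    require_tls: bool = True       # treat an enabled plaintext listener as a finding


@dataclass(frozen=True)
class Finding:
    severity: str   # "high" or "medium"
    subject: str    # listener name, or "authentication"
    message: str


def audit_service(service: dict, policy: Policy) -> list:
    """Return the list of policy violations found in the service description."""
    findings = []
    for name, cfg in service["listeners"].items():
        if not cfg["enabled"]:
            continue  # a disabled listener is not an integration point
        if name not in policy.allowed_listeners:
            findings.append(Finding("medium", name,
                                    "enabled but not on the allow-list; disable it"))
        elif policy.require_tls and not cfg["tls"]:
            findings.append(Finding("high", name,
                                    "allowed listener accepts plaintext; use its TLS variant"))
    schemes = set(service["authentication"]["schemes"])
    if not schemes & policy.acceptable_auth:
        findings.append(Finding("high", "authentication",
                                f"only {sorted(schemes)} enabled; enable one of "
                                f"{sorted(policy.acceptable_auth)}"))
    return findings


def harden_listeners(service: dict, policy: Policy) -> dict:
    """Return a copy of the service with every listener outside the allow-list
    disabled. Authentication is deliberately left alone: which scheme to adopt is
    an operator decision, so it is only reported by audit_service()."""
    hardened = deepcopy(service)
    for name, cfg in hardened["listeners"].items():
        if name not in policy.allowed_listeners:
            cfg["enabled"] = False
    return hardened


if __name__ == "__main__":
    # Hypothetical policy: the applications only speak MQTT over TLS and the
    # organization accepts certificate or OAuth based authentication.
    policy = Policy(frozenset({"mqtt-tls"}),
                    frozenset({"client-certificate", "oauth"}))
    for f in audit_service(DEFAULT_SERVICE, policy):
        print(f"[{f.severity}] {f.subject}: {f.message}")
    print("after hardening listeners:")
    for f in audit_service(harden_listeners(DEFAULT_SERVICE, policy), policy):
        print(f"[{f.severity}] {f.subject}: {f.message}")
```

Running the script on the constructed default reports six listeners to disable plus the authentication finding; after `harden_listeners()` only the authentication finding remains, which is the part the operator still has to decide on.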