SID-HARD-03 — Network Segmentation (Separate Server Ports)
| Property | Value |
|---|---|
| Status | verified |
| Owner | platform |
| Category | technical |
| CSF Function | protect |
| Group | System Hardening Controls |
Description
Admin API on separate port with independent token authentication. WebSocket engine on dedicated port. Health/readiness endpoints (/readyz) with per-provider checks, 2s TTL cache. Kubernetes probe compatible.
Components
- Wallet Backend (Go)
Source References
Audit Findings
| Finding | Severity | Status |
|---|---|---|
| ISO-T-5 — Partial endpoint and privileged access controls | medium | open |
| ISO-T-8 — Partial network security | medium | open |