SID-HARD-03 — Network Segmentation (Separate Server Ports)

Property	Value
Owner	platform
Category	technical
CSF Function	protect
Group	System Hardening Controls

Description

Admin API on separate port with independent token authentication. WebSocket engine on dedicated port. Health/readiness endpoints (/readyz) with per-provider checks, 2s TTL cache. Kubernetes probe compatible.

Components

Wallet Backend (Go)

Source References

go-wallet-backend/server.go

Framework Requirements

FitCEM Wallet Instance: FIT-DS-08

ISO 27001 Annex A: A.8.2, A.8.18, A.8.22, A.8.27

OWASP ASVS 4.0.3 Level 3: V1.14, V4.3

STRIDE Threat Model: WB-S-3, WB-E-2, WB-D-3

Description​

Components​

Source References​

Framework Requirements​

Description

Components

Source References

Framework Requirements