A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80.
Which port should the team specify in the CNAF rule to protect the application?
The security team should specify port 80 in the CNAF rule to protect the application. Since the NGINX container listens on port 8080 internally but is mapped to host port 80, the external traffic targeted by the firewall will be directed to port 80. Therefore, to correctly filter and protect incoming web traffic at its entry point, port 80 should be specified in the CNAF rule.
Should be C --> Specify the ports where the container listens for web traffic. https://docs.paloaltonetworks.com/prisma/prisma-cloud/19-11/prisma-cloud-compute-edition-admin/firewalls/deploy_cnaf
port 80 is correct
Port (Required) - For containerized applications, the internal port on which the application is listening. For all other types, the externally facing port. C