Details
Use TLS or SSL to protect all incoming and outgoing connections. This should include using TLS or SSL to encrypt communication between mongod and mongos components of a MongoDB client as well as between all applications and MongoDB.
Most MongoDB distributions include support for SSL or TLS.
Rationale:
This prevents sniffing of cleartext traffic between MongoDB components or performing a man-in-the-middle attack for MongoDB.
Solution
Configure MongoDB servers to require the use of SSL or TLS to encrypt all MongoDB network communications.
Default Value:
Not configured
Supportive Information
The following resource is also helpful.
This security hardening control applies to the following category of controls within NIST 800-53: System and Communications Protection.This control applies to the following type of system Windows.