>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

NO-02Inbound and Outbound Network Traffic: DMZ Requirements

>Control Description

Network traffic to and from untrusted networks passes through a Demilitarized Zone (DMZ).

Theme

Technology

Type

Preventive

Policy/Standard

Network Security Standard

>Implementation Guidance

1. Ensure necessary requirements are defined which outlines the use of a DMZ and firewalls must be used wherever necessary to enforce perimeter security between separate networks in the policy. 2. Ensure DMZ is enabled and configured within the network traffic.

>Testing Procedure

1. Inspect Network Security Policy and/or Standard documents to determine whether requirements have been defined that outlines the use of a DMZ and firewalls must be used wherever necessary to enforce perimeter security between separate networks. 2. Observe a sample of network security rules or firewall rulesets and confirm that the DMZ or DMZ equivalents are operating in the rulesets.

>Audit Artifacts

E-NO-01
E-NO-03

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

ISO 27002:2022
1

8.23

PCI DSS
2

1.4
1.4.1

Cyber Essentials
1

FW

BSI C5
5

COS-02
COS-03
COS-04
COS-06
OPS-24

Ask AI

Configure your API key to use AI features.