>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

5.10.1.1Boundary Protection

>Control Description

The agency shall: 1. Control access to networks processing CJI. 2. Monitor and control communications at the external boundary of the information system and at key internal boundaries within the system. 3. Ensure any connections to the Internet, other external networks, or information systems occur through controlled interfaces (e.g., proxies, gateways, routers, firewalls, encrypted tunnels). See Section 5.13.4.3 for guidance on personal firewalls. 4. Employ tools and techniques to monitor network events, detect attacks, and provide identification of unauthorized use. 5. Ensure the operational failure of the boundary protection mechanisms do not result in any unauthorized release of information outside of the information system boundary (i.e., the device “fails closed” vs. “fails open”). 6. Allocate publicly accessible information system components (e.g., public Web servers) to separate sub networks with separate, network interfaces. Publicly accessible information systems residing on a virtual host shall follow the guidance in Section 5.10.3.2 to achieve separation.

>Cross-Framework Mappings

SCF

NET-03
Compare

Ask AI

Configure your API key to use AI features.