SC-7(18)—Boundary Protection
PBMM (P2)
Secret (P2)
Technical
>Control Description
BOUNDARY PROTECTION | FAIL SECURE The information system fails securely in the event of an operational failure of a boundary protection device.
>Supplemental Guidance
Fail secure is a condition achieved by employing information system mechanisms to ensure that in the event of operational failures of boundary protection devices at managed interfaces (e.g., routers, firewalls, guards, and application gateways residing on protected sub-networks commonly referred to as demilitarized zones), information systems do not enter into insecure states where intended security properties no longer hold. Failures of boundary protection devices cannot lead to, or cause information external to the devices to enter the devices, nor can failures permit unauthorized information releases. Related controls: CP-2, SC-24.
Ask AI
Configure your API key to use AI features.