11.2: Document Traffic Configuration Rules

CSF v1.1 References:


Info icon.

The next version of the control set incorporates all or part of this control into: 4.4: Implement and Manage a Firewall on Servers, 4.5: Implement and Manage a Firewall on End-User Devices.

Control Statement

All configuration rules that allow traffic to flow through network devices should be documented in a configuration management system with a specific business reason for each rule, a specific individual’s name responsible for that business need, and an expected duration of the need.

[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]