SC-7: Boundary Protection

The organization limits the number of external network connections to the information system.

The organization: Implements a managed interface for each external telecommunication service; Establishes a traffic flow policy for each managed interface; Protects the confidentiality and integrity of the information being transmitted across each interface; Documents each exception to the traffic flow policy with a supporting mission/business need and duration of that need; and Reviews exceptions to…

The information system at managed interfaces denies network communications traffic by default and allows network communications traffic by exception (i.e., deny all, permit by exception).

The information system, in conjunction with a remote device, prevents the device from simultaneously establishing non-remote connections with the system and communicating via some other connection to resources in external networks.

The information system routes [Assignment: organization-defined internal communications traffic] to [Assignment: organization-defined external networks] through authenticated proxy servers at managed interfaces.

The information system: Detects and denies outgoing communications traffic posing a threat to external information systems; and Audits the identity of internal users associated with denied communications.

The organization prevents the unauthorized exfiltration of information across managed interfaces.

The information system only allows incoming communications from [Assignment: organization-defined authorized sources] to be routed to [Assignment: organization-defined authorized destinations].

The organization implements [Assignment: organization-defined host-based boundary protection mechanisms] at [Assignment: organization-defined information system components].

The organization isolates [Assignment: organization-defined information security tools, mechanisms, and support components] from other internal information system components by implementing physically separate subnetworks with managed interfaces to other components of the system.

The organization protects against unauthorized physical connections at [Assignment: organization-defined managed interfaces].

The information system routes all networked, privileged accesses through a dedicated, managed interface for purposes of access control and auditing.

The information system prevents discovery of specific system components composing a managed interface.

The information system enforces adherence to protocol formats.

The information system fails securely in the event of an operational failure of a boundary protection device.

The information system blocks both inbound and outbound communications traffic between [Assignment: organization-defined communication clients] that are independently configured by end users and external service providers.

The information system provides the capability to dynamically isolate/segregate [Assignment: organization-defined information system components] from other components of the system.

The organization employs boundary protection mechanisms to separate [Assignment: organization-defined information system components] supporting [Assignment: organization-defined missions and/or business functions].

The information system implements separate network addresses (i.e., different subnets) to connect to systems in different security domains.

The information system disables feedback to senders on protocol format validation failure.