SC-7(22): Separate Subnets For Connecting To Different Security Domains
Control Family:
Parent Control:
Threats Addressed:
Baselines:
(Not part of any baseline)
Next Version:
- NIST Special Publication 800-53 Revision 5:
- SC-7(22): Separate Subnets for Connecting to Different Security Domains
Control Statement
The information system implements separate network addresses (i.e., different subnets) to connect to systems in different security domains.
Supplemental Guidance
Decomposition of information systems into subnets helps to provide the appropriate level of protection for network connections to different security domains containing information with different security categories or classification levels.