AC-4(29): Filter Orchestration Engines

Control Family:

Access Control

CSF v1.1 References:

Threats Addressed:


(Not part of any baseline)

Info icon.

Control is new to this version of the control set.

Control Statement

When transferring information between different security domains, employ content filter orchestration engines to ensure that:

  1. Content filtering mechanisms successfully complete execution without errors; and
  2. Content filtering actions occur in the correct order and comply with [Assignment: organization-defined policy].

Supplemental Guidance

Content filtering is the process of inspecting information as it traverses a cross-domain solution and determines if the information meets a predefined security policy. An orchestration engine coordinates the sequencing of activities (manual and automated) in a content filtering process. Errors are defined as either anomalous actions or unexpected termination of the content filter process. This is not the same as a filter failing content due to non-compliance with policy. Content filter reports are a commonly used mechanism to ensure that expected filtering actions are completed successfully.