SC-10: Network Disconnect

Control Family:

System and Communications Protection

CSF v1.1 References:

PF v1.0 References:

Threats Addressed:

Baselines:

  • Low

    N/A

  • Moderate
    • SC-10
  • High
    • SC-10
  • Privacy

    N/A

Previous Version:

Control Statement

Terminate the network connection associated with a communications session at the end of the session or after [Assignment: organization-defined time period] of inactivity.

Supplemental Guidance

Network disconnect applies to internal and external networks. Terminating network connections associated with specific communications sessions includes de-allocating TCP/IP address or port pairs at the operating system level and de-allocating the networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. Periods of inactivity may be established by organizations and include time periods by type of network access or for specific network accesses.

Related Controls

NIST Special Publication 800-53 Revision 5

Cloud Controls Matrix v3.0.1