SC-46: Cross Domain Policy Enforcement

Threats Addressed:


  • Low


  • Moderate


  • High


  • Privacy


Info icon.

Control is new to this version of the control set.

Control Statement

Implement a policy enforcement mechanism [Assignment: physically, logically] between the physical and/or network interfaces for the connecting security domains.

Supplemental Guidance

For logical policy enforcement mechanisms, organizations avoid creating a logical path between interfaces to prevent the ability to bypass the policy enforcement mechanism. For physical policy enforcement mechanisms, the robustness of physical isolation afforded by the physical implementation of policy enforcement to preclude the presence of logical covert channels penetrating the security domain may be needed. Contact for more information.