SC-7(22): Separate Subnets for Connecting to Different Security Domains
Control Family:
Parent Control:
Threats Addressed:
Baselines:
(Not part of any baseline)
Previous Version:
- NIST Special Publication 800-53 Revision 4:
- SC-7(22): Separate Subnets For Connecting To Different Security Domains
Control Statement
Implement separate network addresses to connect to systems in different security domains.
Supplemental Guidance
The decomposition of systems into subnetworks (i.e., subnets) helps to provide the appropriate level of protection for network connections to different security domains that contain information with different security categories or classification levels.