Title

Logical separation must occur between testing and development network segments within the same test and development environment. (Cat II impact)

Discussion

Logical network segmentation is a way to restrict access between test and development systems to reduce the chance of code becoming victim to compromise. Since test and development segments may not have the same level of IA assurance, logical separation is required.

Check Content

Determine whether logical separation is present between test and development network segments. Review the test and development network diagrams to ensure they have been properly documented. If logical separation has not been established and documented between test and development network segments in the environment, this is a finding.

Fix Text

Establish logical separation between test and development network segments in the environment. Document the logical separation on the network diagrams.

Additional Identifiers

Rule ID: SV-51528r1_rule

Vulnerability ID: V-39661

Group Title: ENTD0220 - No logical separation between network segments.

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.