CCI-004868

Connect to external networks or systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational privacy architecture.

Implementation Guidance

Determine if external networks or systems are only connected to through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security and privacy architecture.

Validation Procedures

Examine: [SELECT FROM: System and communications protection policy; procedures addressing boundary protection; list of key internal boundaries of the system; system design documentation; boundary protection hardware and software; system configuration settings and associated documentation; enterprise security architecture documentation; system audit records; system security plan; other relevant documents or records]. Interview: [SELECT FROM: System/network administrators; organizational personnel with information security responsibilities; system developer; organizational personnel with boundary protection responsibilities]. Test: [SELECT FROM: Mechanisms implementing boundary protection capabilities].

The controls below (if any) were marked by NIST as being related to CCI-004868.