AC-17(3)
AC-17(3): Managed Access Control Points
The information system routes all remote accesses through [organization-defined number] managed network access control points.
Supplemental
Limiting the number of access control points for remote accesses reduces the attack surface for organizations. Organizations consider the Trusted Internet Connections (TIC) initiative requirements for external network connections.
CIA Levels | |
---|---|
Confidentiality | high |
Integrity | high |
Availability | unknown |
Overlays |
---|
None |
CSF Categories |
---|
None |