Navigate

CA-3 (1)

CA-3 (1): Unclassified National Security System Connections

The organization prohibits the direct connection of an [Assignment: organization-defined unclassified, national security system] to an external network without the use of [Assignment: organization-defined boundary protection device].

Supplemental

Organizations typically do not have control over external networks (e.g., the Internet). Approved boundary protection devices (e.g., routers, firewalls) mediate communications (i.e., information flows) between unclassified national security systems and external networks. This control enhancement is required for organizations processing, storing, or transmitting Controlled Unclassified Information (CUI).

CIA Levels
Confidentiality	low
Integrity	unknown
Availability	unknown

Overlays
None

Related Controls

The controls below (if any) were marked by NIST as being related to CA-3 (1).

Control	Description
No controls

Enhancements

The controls below (if any) add on to the requirements of CA-3 (1).

Control	Description
No controls

Related CCIs

The CCIs below are tied to CA-3 (1).

CCI	Definition
CCI-000262	The organization prohibits the direct connection of an organization-defined unclassified, national security system to an external network without the use of an organization-defined boundary protection device.
CCI-002072	The organization defines the unclassified, national security systems that are prohibited from directly connecting to an external network without the use of an organization-defined boundary protection device.
CCI-002073	The organization defines the boundary protection device to be used to connect organization-defined unclassified, national security systems to an external network.