💼 SC-7 Boundary Protection (L)(M)(H)
- Contextual name: 💼 SC-7 Boundary Protection (L)(M)(H)
- ID: /frameworks/fedramp-low-security-controls/sc/07
- Located in: 💼 System and Communications Protection
Description
a. Monitor and control communications at the external managed interfaces to the system and at key internal managed interfaces within the system;
b. Implement subnetworks for publicly accessible system components that are [Selection: Assignment: physically; logically] separated from internal organizational networks; and
c. Connect to external networks or systems only through managed interfaces consisting of boundary protection devices arranged in accordance with an organizational security and privacy architecture.
SC-7 Additional FedRAMP Requirements and Guidance:
(b) Guidance: SC-7 (b) should be met by subnet isolation. A subnetwork (subnet) is a physically or logically segmented section of a larger network defined at TCP/IP Layer 3, to both minimize traffic and, important for a FedRAMP Authorization, add a crucial layer of network isolation. Subnets are distinct from VLANs (Layer 2), security groups, and VPCs and are specifically required to satisfy SC-7 part b and other controls. See the [FedRAMP Subnets White Paper](https://www.fedramp.gov/assets/resources/documents/FedRAMP_subnets_white_paper.pdf) for additional information.
Similar
- Sections
  - /frameworks/nist-sp-800-53-r5/sc/07
  - /frameworks/fedramp-high-security-controls/sc/07
- Internal
  - ID: dec-c-826de890
- ID:
Similar Sections (Take Policies From)
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|
💼 FedRAMP High Security Controls → 💼 SC-7 Boundary Protection (L)(M)(H) | 10 | 6 | 33 | |
💼 NIST SP 800-53 Revision 5 → 💼 SC-7 Boundary Protection | 29 | 5 | 33 | |
Sub Sections
Section | Sub Sections | Internal Rules | Policies | Flags |
---|---|---|---|---|