800-53|AC-4(21)

Title

PHYSICAL / LOGICAL SEPARATION OF INFORMATION FLOWS

Description

The information system separates information flows logically or physically using [Assignment: organization-defined mechanisms and/or techniques] to accomplish [Assignment: organization-defined required separations by types of information].

Supplemental

Enforcing the separation of information flows by type can enhance protection by ensuring that information is not commingled while in transit and by enabling flow control by transmission paths perhaps not otherwise achievable. Types of separable information include, for example, inbound and outbound communications traffic, service requests and responses, and information of differing security categories.

Reference Item Details

Category: ACCESS CONTROL

Parent Title: INFORMATION FLOW ENFORCEMENT

Family: ACCESS CONTROL

Audit Items

Name | Plugin | Audit Name
1.2.1.3 Configure 'Prohibit connection to non-domain networks when connected to domain authenticated network' | Windows | CIS Windows 8 L1 v1.0.0
3.8 Ensure 'security-level' is set to '0' for Internet-facing interface | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' | Windows | CIS Microsoft Windows 8.1 L1 v2.3.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' | Windows | CIS Microsoft Windows 8.1 L1 Bitlocker v2.3.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) | Windows | CIS Windows Server 2012 MS L2 v2.1.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) | Windows | CIS Windows Server 2012 R2 MS L2 v2.5.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) | Windows | CIS Windows Server 2012 R2 MS L2 v2.4.0
18.5.21.2 Ensure 'Prohibit connection to non-domain networks when connected to domain authenticated network' is set to 'Enabled' (MS only) - Enabled | Windows | CIS Microsoft Windows Server 2016 MS L2 v1.2.0
DB2X-00-005500 - DB2 must isolate security functions from non-security functions - SYSCAT.LIBRARIES | IBM_DB2DB | DISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-005500 - DB2 must isolate security functions from non-security functions - SYSCAT.MODULES | IBM_DB2DB | DISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-005500 - DB2 must isolate security functions from non-security functions - SYSCAT.PACKAGES | IBM_DB2DB | DISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-005500 - DB2 must isolate security functions from non-security functions - SYSCAT.ROUTINES | IBM_DB2DB | DISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-005500 - DB2 must isolate security functions from non-security functions - SYSCAT.TRIGGERS | IBM_DB2DB | DISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-005500 - DB2 must isolate security functions from non-security functions - SYSIBMADM.PRIVILEGES | IBM_DB2DB | DISA STIG IBM DB2 v10.5 LUW v1r4 Database
DB2X-00-007000 - DB2 must prevent non-privileged users from executing privileged functions, to include disabling, circumventing, or altering implemented security safeguards/countermeasures - SYSADM_GROUP | IBM_DB2DB | DISA STIG IBM DB2 v10.5 LUW v1r4 Database
Ensure 'Unused Interfaces' is disable | Cisco | Tenable Cisco Firepower Best Practices Audit
Ensure 'Unused Interfaces' is disable | Cisco_Firepower | Tenable Cisco Firepower Threat Defense Best Practices Audit
NET-VLAN-004 - VLAN 1 is being used as a user VLAN - 'shutdown'. | Cisco | DISA STIG Cisco L2 Switch V8R27
NET-VLAN-004 - VLAN 1 is being used as a user VLAN - 'shutdown'. | Cisco | DISA STIG Cisco Perimeter L3 Switch v8r32
NET-VLAN-004 - VLAN 1 is being used as a user VLAN - 'shutdown'. | Cisco | DISA STIG Cisco Infrastructure L3 Switch v8r29
PCI 3.4.1 - EFS - implementation (AIX 6.1 only) - 'CLiC kernel extension has loaded' | Unix | PCI DSS 2.0/3.0 - AIX
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v1511 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v21H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 11 v23H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v1703 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1809 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1909 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v21H1 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v1507 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1803 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v22H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v1709 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v20H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 11 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v2004 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 11 v22H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1607 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1903 v1.19.9
WN08-CC-000015 - Connections to non-domain networks when connected to a domain authenticated network must be blocked. | Windows | DISA Windows 8/8.1 STIG v1r23