800-53|AC-4(21)

Title

PHYSICAL / LOGICAL SEPARATION OF INFORMATION FLOWS

Description

The information system separates information flows logically or physically using [Assignment: organization-defined mechanisms and/or techniques] to accomplish [Assignment: organization-defined required separations by types of information].

Supplemental

Enforcing the separation of information flows by type can enhance protection by ensuring that information is not commingled while in transit and by enabling flow control by transmission paths perhaps not otherwise achievable. Types of separable information include, for example, inbound and outbound communications traffic, service requests and responses, and information of differing security categories.

Reference Item Details

Category: ACCESS CONTROL

Parent Title: INFORMATION FLOW ENFORCEMENT

Family: ACCESS CONTROL

Audit Items

Name | Plugin | Audit Name
1.2.1.3 Configure 'Prohibit connection to non-domain networks when connected to domain authenticated network' | Windows | CIS Windows 8 L1 v1.0.0
3.8 Ensure 'security-level' is set to '0' for Internet-facing interface | Cisco | CIS Cisco Firewall v8.x L1 v4.2.0
Ensure 'Unused Interfaces' is disable | Cisco | Tenable Cisco Firepower Best Practices Audit
Ensure 'Unused Interfaces' is disable | Cisco_Firepower | Tenable Cisco Firepower Threat Defense Best Practices Audit
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v21H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 11 v23H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1809 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1909 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v1507 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1803 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v21H1 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v22H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v20H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 11 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 v2004 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 11 v22H2 v1.0.0
Prohibit connection to non-domain networks when connected to domain authenticated network | Windows | MSCT Windows 10 1903 v1.19.9