CMMC 2.0 • LEVEL 1 • SYSTEM & COMMUNICATIONS PROTECTION

SC.L1-3.13.1Boundary Protection

Monitor and control communications at external managed interfaces to the system and key internal managed interfaces within the system. Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks. Connect to external systems only through managed interfaces that consist of boundary protection devices arranged in accordance with an organizational security architecture.

NIST 800-171 Mapping

NIST 800-53 Controls

SC-7

Assessment Objectives

  • communications at external managed interfaces to the system are monitored.
  • communications at external managed interfaces to the system are controlled.
  • communications at key internal managed interfaces within the system are monitored.
  • communications at key internal managed interfaces within the system are controlled.
  • subnetworks are implemented for publicly accessible system components that are physically or logically separated from internal networks.
  • external system connections are only made through managed interfaces that consist of boundary protection devices arranged in accordance with an organizational security architecture.

Practitioner Notes

Practitioner commentary coming soon.

Related CMMC 2.0 Practices

SC.L2-3.13.2 Employ Architectural Designs, Software Development Techniques, and Systems Engineering Principles That Promote Effective Information Security SC.L2-3.13.3 Separate User Functionality from System Management Functionality SC.L2-3.13.4 Information in Shared System Resources SC.L2-3.13.5 Implement Subnetworks for Publicly Accessible System Components That Are Physically or Logically Separated from Internal Networks