Learn more about the connected frameworks

9.2 (MIL1)
C2M2

Implement Network Protections as an Element of the Cybersecurity Architecture

PR.PT-4
NIST CSF

Communications and control networks

Other tasks from the same security theme

Choosing and using network protection systems

Critical
High
Normal
Low

Cyber criminals can exploit configuration errors or technical vulnerabilities in applications, firewalls, or networks to access our information.

An organization must use defense-in-depth technologies to protect against, detect, and respond to cyber-attacks. The techniques should be suitable for controlling physical, logical and administrative controls.

PR.PT-4: Communications and control networks
NIST CSF
9.2 (MIL1): Implement Network Protections as an Element of the Cybersecurity Architecture
C2M2

Verifying network configuration consistency between virtual and physical networks

Critical
High
Normal
Low

In environments that include virtual and physical layers, inconsistency of network policies can cause e.g. system outages or defective access control.

The organisation must ensure that the configuration of virtual networks is aligned with the policies for configuring physical networks. Network configuration should match the policy no matter what means are used to create the configuration.

13: Communications security
ISO 27017
CLD 13.1: Network security management
ISO 27017
CLD 13.1.4: Alignment of security management for virtual and physical networks
ISO 27017

Securing data transfer when switching to cloud environments

Critical
High
Normal
Low

The organization must use secure and encrypted connections to move servers, services, applications, or data to the cloud. Only the latest versions and approved protocols may be used for connections.

No items found.

Visualizing high-risk network architectures

Critical
High
Normal
Low

An organization needs to draw the high-risk network environments. The drawing should show:

  • Network components (physical and logical)
  • Hypervisors, servers, networks and other relevant elements
  • Data flow between different components
  • Different domains and related policies
  • Interfaces between different network environments
No items found.

Virtualization policy

Critical
High
Normal
Low

The organization must have clear policies for developing virtualization security. The policy should be reviewed and updated at least annually.

The virtualization policy should consider at least:

  • Virtual Machine Lifecycle Management
  • Limiting the storage of virtual machine icons and snapshots
  • < li>Backup and fault tolerance
  • Labeling virtual machines by risk level
  • Change management process for creating, storing, and using virtual machine icons
  • Using firewalls to separate virtual machine groups
No items found.