Content library
Network security
Network segmentation and filtering practices within the classification level
Technical cyber security
Network security

Network segmentation and filtering practices within the classification level

Start free trial

Task description

Network segmentation and filtering practices within the classification level

The zoning and filtering provisions of the communication network shall be implemented in accordance with the principle of multi-level protection.

The division of the communication network within a given security class into separate network areas (zones and segments) may mean, for example, appropriate workstation and server separation from a data protection point of view, also covering possible project-specific separation needs.

The requirement can be met by the following measures:

  • The communication network is divided into separate network areas (zones, segments) within the security class.
  • Traffic between the network areas is restricted and traffic entering the environment is subject to the default-deny rule.
  • The data processing environment is prepared for common network attacks.

Requirements connected to the task

TEK-02: Tietoliikenne-verkon vyöhykkeistäminen
Julkri: TL IV-I

Other tasks from the same security theme

Task name
Priority
Policy
Other requirements
Develop network diagrams for each logically integrated system
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Develop network diagrams for each logically integrated system
Network configuration security
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Network configuration security
Network perimeter security and firewall governance
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Network perimeter security and firewall governance
Secure network design and encryption measures
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Secure network design and encryption measures
Network security and segregation
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Network security and segregation
Fast and accurate data transmission
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

No items found.
See all related requirements and other information from tasks own page.
Go to >
Fast and accurate data transmission
Identify and document critical telecommunication services and networks
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

13.2: Gennemførelse af prioriteringer
NIS2 Denmark
See all related requirements and other information from tasks own page.
Go to >
Identify and document critical telecommunication services and networks
Performing application layer filtering
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

13.10: Perform Application Layer Filtering
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Performing application layer filtering
Deploying port-level access control
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

13.9: Deploy Port-Level Access Control
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Deploying port-level access control
Performing traffic filtering between network segments
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

13.4: Perform Traffic Filtering Between Network Segments
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Performing traffic filtering between network segments
Deploying a network intrusion detection solution
Critical
High
Normal
Low
Network security
3
requirements

Examples of other requirements this task affects

13.8: Deploy a Network Intrusion Prevention Solution
CIS 18
13.3: Deploy a Network Intrusion Detection Solution
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Deploying a network intrusion detection solution
Using of secure communication protocols and network management
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

12.6: Use of Secure Network Management and Communication Protocols
CIS 18
3.1.8: Säkrade lösningar för kommunikation
NIS2 Sweden
See all related requirements and other information from tasks own page.
Go to >
Using of secure communication protocols and network management
Centralizing network authentication, authorization, and auditing (AAA)
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

12.5: Centralize Network Authentication, Authorization, and Auditing (AAA)
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Centralizing network authentication, authorization, and auditing (AAA)
Establishing and maintaining diagram(s) of architecture
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

12.4: Establish and Maintain Architecture Diagram(s)
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Establishing and maintaining diagram(s) of architecture
Blocking unnecessary types of files
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

9.6: Block Unnecessary File Types
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Blocking unnecessary types of files
Maintaining and enforcing URL filters based on network
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

9.3: Maintain and Enforce Network-Based URL Filters
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Maintaining and enforcing URL filters based on network
Configuring trusted DNS servers on enterprise assets
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

4.9: Configure Trusted DNS Servers on Enterprise Assets
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Configuring trusted DNS servers on enterprise assets
Procedure for implementing and managing a firewall on servers
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

4.4: Implement and Manage a Firewall on Servers
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Procedure for implementing and managing a firewall on servers
Process for secure configuration of network infrastructure
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

4.2: Establish and Maintain a Secure Configuration Process for Network Infrastructure
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for secure configuration of network infrastructure
Process for using a passive asset discovery tool
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

1.5: Use a Passive Asset Discovery Tool
CIS 18
See all related requirements and other information from tasks own page.
Go to >
Process for using a passive asset discovery tool
Secure hosting of systems
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

30.(1): Infromācijas sistēmas atbilstošā infrastruktūrā vai datu centros
NIS2 Latvia
See all related requirements and other information from tasks own page.
Go to >
Secure hosting of systems
Physically isolate the most critical subnets
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

2.2.4: Physically isolate the most critical subnets
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Physically isolate the most critical subnets
Ensure that maintenance of configurations, installations and operations are done securely
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

2.3.6: Ensure that maintenance of all configurations, installations and operations are done securely
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Ensure that maintenance of configurations, installations and operations are done securely
Block all direct traffic between clients
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

2.5.3: Block all direct traffic between clients
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Block all direct traffic between clients
Control the data flow of exposed services
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

2.5.5: Control the data flow of especially exposed services
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Control the data flow of exposed services
Protect critical services with their own data flow
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

2.5.6: Protect particularly critical services with their own data flow
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Protect critical services with their own data flow
Deciding which parts of the ICT system to monitor
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

3.2.3: Decide which parts of the ICT system to monitor
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Deciding which parts of the ICT system to monitor
Secure deployment of IoT devices
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

2.3.10: Reduce the risk posed by IoT devices
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Secure deployment of IoT devices
Protection of critical systems from Denial-of-Service (DoS) attacks
Critical
High
Normal
Low
Network security
3
requirements

Examples of other requirements this task affects

PR.DS-4: Adequate capacity to ensure availability is maintained.
CyberFundamentals
31: Centralizēta aizsardzība pret pakalpojumatteices kiberuzbrukumiem
NIS2 Latvia
Article 13.1(.2.h): Availability
CRA
See all related requirements and other information from tasks own page.
Go to >
Protection of critical systems from Denial-of-Service (DoS) attacks
Authenticated proxy servers for critical systems
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Authenticated proxy servers for critical systems
Network areas and structurally secure network design
Critical
High
Normal
Low
Network security
23
requirements

Examples of other requirements this task affects

13.1.3: Segregation in networks
ISO 27001
PR.AC-5: Network integrity
NIST
8.22: Segregation of networks
ISO 27001
ARCHITECTURE-2: Implement Network Protections as an Element of the Cybersecurity Architecture
C2M2
CC6.6: Logical access security measures against threats from sources outside system boundries
SOC 2
See all related requirements and other information from tasks own page.
Go to >
Network areas and structurally secure network design
Network usage log and process for detecting inappropriate network traffic
Critical
High
Normal
Low
Network security
28
requirements

Examples of other requirements this task affects

I11: Poikkeamien havainnointikyky ja toipuminen
Katakri
12.4.1: Event logging
ISO 27001
13.1.1: Network controls
ISO 27001
PR.AC-3: Remote access management
NIST
PR.AC-5: Network integrity
NIST
See all related requirements and other information from tasks own page.
Go to >
Network usage log and process for detecting inappropriate network traffic
Protection of wireless connections
Critical
High
Normal
Low
Network security
13
requirements

Examples of other requirements this task affects

I05: Langattomat verkot
Katakri
13.1.2: Security of network services
ISO 27001
PR.PT-4: Communications and control networks
NIST
TEK-05: Langaton tiedonsiirto
Julkri
8.21: Security of network services
ISO 27001
See all related requirements and other information from tasks own page.
Go to >
Protection of wireless connections
Determining the responsibility of network devices
Critical
High
Normal
Low
Network security
7
requirements

Examples of other requirements this task affects

13.1.1: Network controls
ISO 27001
PR.AC-5: Network integrity
NIST
DE.CM-1: The network monitoring
NIST
8.20: Networks security
ISO 27001
DE.CM-1: The network is monitored to detect potential cybersecurity events.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Determining the responsibility of network devices
Päätelaitteiden tekninen tunnistaminen ennen verkkoon pääsyä (ST III-II)
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

I07: Tietojenkäsittely-ympäristön toimijoiden tunnistaminen
Katakri
See all related requirements and other information from tasks own page.
Go to >
Päätelaitteiden tekninen tunnistaminen ennen verkkoon pääsyä (ST III-II)
Ensuring system hardening
Critical
High
Normal
Low
Network security
12
requirements

Examples of other requirements this task affects

I08: Järjestelmäkovennus
Katakri
TEK-10: Järjestelmäkovennus
Julkri
TEK-10.2: Järjestelmäkovennus - kovennusten varmistaminen koko elinkaaren ajan
Julkri
PR.PT-3: The principle of least functionality is incorporated by configuring systems to provide only essential capabilities.
CyberFundamentals
2.3.3: Deactivate unnecessary functionality
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Ensuring system hardening
Structural security of networks (CL IV)
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

I01: Verkon rakenteellinen turvallisuus
Katakri
I-01: SECURE INTERCONNECTION OF CIS – SECURITY OF THE NETWORK ARCHITECTURE
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Structural security of networks (CL IV)
Structural security of networks (CL III–CL II)
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

I01: Verkon rakenteellinen turvallisuus
Katakri
I-01: SECURE INTERCONNECTION OF CIS – SECURITY OF THE NETWORK ARCHITECTURE
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Structural security of networks (CL III–CL II)
Network segmentation and filtering practices within the classification level
Critical
High
Normal
Low
Network security
11
requirements

Examples of other requirements this task affects

I02: Verkon vyöhykkeistäminen ja suodatussäännöstöt
Katakri
TEK-02: Tietoliikenne-verkon vyöhykkeistäminen
Julkri
ARCHITECTURE-2: Implement Network Protections as an Element of the Cybersecurity Architecture
C2M2
I-02: PRINCIPLE OF LEAST PRIVILEGE - SEGMENTING OF THE COMMUNICATION NETWORK AND FILTERING RULES WITHIN THE CLASSIFICATION LEVEL
Katakri 2020
PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Network segmentation and filtering practices within the classification level
Management of filtering and monitoring systems
Critical
High
Normal
Low
Network security
19
requirements

Examples of other requirements this task affects

I03: Suodatus- ja valvontajärjestelmien hallinnointi
Katakri
TEK-03: Suodatus- ja valvontajärjestelmien hallinnointi
Julkri
TEK-03.2: Suodatus- ja valvontajärjestelmien hallinnointi - dokumentointi
Julkri
TEK-03.3: Suodatus- ja valvontajärjestelmien hallinnointi - tarkastukset
Julkri
TEK-03.1: Suodatus- ja valvontajärjestelmien hallinnointi - vastuutus ja organisointi
Julkri
See all related requirements and other information from tasks own page.
Go to >
Management of filtering and monitoring systems
Security of administrative connections
Critical
High
Normal
Low
Network security
3
requirements

Examples of other requirements this task affects

I04: Hallintayhteydet
Katakri
TEK-04: Hallintayhteydet
Julkri
I-04: SECURE INTERCONNECTION OF CIS – MANAGEMENT CONNECTIONS
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Security of administrative connections
Palomuurisuojaus
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

6.6.3: Tekniset vaatimukset
Omavalvontasuunnitelma
See all related requirements and other information from tasks own page.
Go to >
Palomuurisuojaus
Firewall administration policies
Critical
High
Normal
Low
Network security
3
requirements

Examples of other requirements this task affects

FWL-01: Firewall administration policies
Cyber Essentials
DE.CM-1: The network is monitored to detect potential cybersecurity events.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Firewall administration policies
Documenting and managing the firewall administration policies
Critical
High
Normal
Low
Network security
9
requirements

Examples of other requirements this task affects

FWL-02: Documenting and managing the firewall administration policies
Cyber Essentials
PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.
CyberFundamentals
2.4.1: Establish access control on as many network ports as possible
NSM ICT-SP
2.5.7: Maintain control of data flow between the organisation and its partners / service providers
NSM ICT-SP
2.4.4: Activate firewall on all clients and servers
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Documenting and managing the firewall administration policies
Segregation of network access related to offered cloud services
Critical
High
Normal
Low
Network security
4
requirements

Examples of other requirements this task affects

13.1.3: Segregation in networks
ISO 27017
PR.AC-5: Network integrity
NIST
2.2.3: Segment the organisation’s network in accordance with its risk profile
NSM ICT-SP
§ 10.c: Nettverkssegmentering og privilegier
NIS2 NO
See all related requirements and other information from tasks own page.
Go to >
Segregation of network access related to offered cloud services
Remote connection management
Critical
High
Normal
Low
Network security
11
requirements

Examples of other requirements this task affects

PR.AC-3: Remote access management
NIST
I-18: HANDLING AND TRANSFER OF CLASSIFIED INFORMATION BETWEEN PHYSICALLY PROTECTED AREAS - REMOTE USE AND REMOTE MANAGEMENT
Katakri 2020
5.1.2: Information transfer
TISAX
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.
CyberFundamentals
PR.AC-3: Remote access is managed.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Remote connection management
Baseline for normal network traffic
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

DE.AE-1: Baseline of network operations
NIST
DE.AE-1: A baseline of network operations and expected data flows for users and systems is established and managed.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Baseline for normal network traffic
Remote maintenance of assets
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

PR.MA-2: Asset remote management and repair
NIST
PR.MA-2: Remote maintenance of organizational assets is approved, logged, and performed in a manner that prevents unauthorized access.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Remote maintenance of assets
Structural security of the network
Critical
High
Normal
Low
Network security
7
requirements

Examples of other requirements this task affects

TEK-01: Verkon rakenteellinen turvallisuus
Julkri
ARCHITECTURE-2: Implement Network Protections as an Element of the Cybersecurity Architecture
C2M2
PR.AC-5: Network integrity (network segregation, network segmentation… ) is protected.
CyberFundamentals
2.2.3: Segment the organisation’s network in accordance with its risk profile
NSM ICT-SP
2.3.10: Reduce the risk posed by IoT devices
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Structural security of the network
Tietojenkäsittely-ympäristöjen erottelu palomuurilla
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

TEK-01.2: Verkon rakenteellinen turvallisuus - palomuuri
Julkri
See all related requirements and other information from tasks own page.
Go to >
Tietojenkäsittely-ympäristöjen erottelu palomuurilla
Tietojenkäsittely-ympäristöjen erottelu
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

TEK-01.3: Verkon rakenteellinen turvallisuus - käsittely-ympäristöjen erottaminen
Julkri
See all related requirements and other information from tasks own page.
Go to >
Tietojenkäsittely-ympäristöjen erottelu
Principle of the least privilege in network zoning
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

TEK-02.1: Tietoliikenne-verkon vyöhykkeistäminen - vähimpien oikeuksien periaate
Julkri
I-02: PRINCIPLE OF LEAST PRIVILEGE - SEGMENTING OF THE COMMUNICATION NETWORK AND FILTERING RULES WITHIN THE CLASSIFICATION LEVEL
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Principle of the least privilege in network zoning
Kasautumisvaikutuksen huomiointi tietojenkäsittely-ympäristön suojauksessa
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

TEK-06: Kasautumisvaikutus
Julkri
See all related requirements and other information from tasks own page.
Go to >
Kasautumisvaikutuksen huomiointi tietojenkäsittely-ympäristön suojauksessa
Tietojenkäsittely-ympäristöjen yhdistäminen yhdyskäytäväratkaisulla (TL III)
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

TEK-01.5: Verkon rakenteellinen turvallisuus - yhdyskäytäväratkaisun käyttö - TL III
Julkri
See all related requirements and other information from tasks own page.
Go to >
Tietojenkäsittely-ympäristöjen yhdistäminen yhdyskäytäväratkaisulla (TL III)
Structural security of networks in classification level II environments (CL II)
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

TEK-01.6: Verkon rakenteellinen turvallisuus - käsittely - TL II
Julkri
I-01: SECURE INTERCONNECTION OF CIS – SECURITY OF THE NETWORK ARCHITECTURE
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Structural security of networks in classification level II environments (CL II)
Structural security of networks in classification level I environments (CL I)
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

TEK-01.7: Verkon rakenteellinen turvallisuus - käsittely - TL I
Julkri
I-01: SECURE INTERCONNECTION OF CIS – SECURITY OF THE NETWORK ARCHITECTURE
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Structural security of networks in classification level I environments (CL I)
System hardening in classified environments (CL III)
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

TEK-10.3: Järjestelmäkovennus - turvallisuusluokitellut ympäristöt - TL III
Julkri
I-08: PRINCIPLE OF MINIMALITY AND OF LEAST PRIVILEGE - SYSTEMS HARDENING
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
System hardening in classified environments (CL III)
Device identification in remote access (CL III)
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

TEK-18.6: Etäkäyttö - laitetunnistus - TL III
Julkri
I-18: HANDLING AND TRANSFER OF CLASSIFIED INFORMATION BETWEEN PHYSICALLY PROTECTED AREAS - REMOTE USE AND REMOTE MANAGEMENT
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Device identification in remote access (CL III)
Additional security requirements for remote access (CL III)
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

TEK-18.7: Etäkäyttö - TL III
Julkri
I-18: HANDLING AND TRANSFER OF CLASSIFIED INFORMATION BETWEEN PHYSICALLY PROTECTED AREAS - REMOTE USE AND REMOTE MANAGEMENT
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
Additional security requirements for remote access (CL III)
Defining standard templates for secure configurations
Critical
High
Normal
Low
Network security
14
requirements

Examples of other requirements this task affects

8.9: Configuration management
ISO 27001
ASSET-3: Manage IT and OT Asset Configuration
C2M2
CC7.1: Procedures for monitoring changes to configurations
SOC 2
1.2.4: Definition of responsibilities with service providers
TISAX
9.3 §: Tietojärjestelmien hankinta ja kehittäminen
Kyberturvallisuuslaki
See all related requirements and other information from tasks own page.
Go to >
Defining standard templates for secure configurations
Configuration management and change log
Critical
High
Normal
Low
Network security
12
requirements

Examples of other requirements this task affects

8.9: Configuration management
ISO 27001
CC7.1: Procedures for monitoring changes to configurations
SOC 2
1.2.4: Definition of responsibilities with service providers
TISAX
PR.IP-3: Configuration change control processes are in place.
CyberFundamentals
DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed.
CyberFundamentals
See all related requirements and other information from tasks own page.
Go to >
Configuration management and change log
Isolate vulnerable and low-trust equipment
Critical
High
Normal
Low
Network security
1
requirements

Examples of other requirements this task affects

2.5.4: Isolate vulnerable and low-trust equipment
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Isolate vulnerable and low-trust equipment
Redundancy solutions for networks
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

5.3.2: Network device requirements
TISAX
PR.IR-04: Resource capacity
NIST 2.0
See all related requirements and other information from tasks own page.
Go to >
Redundancy solutions for networks
Detailed procedures for the management, control and segmentation of networks
Critical
High
Normal
Low
Network security
7
requirements

Examples of other requirements this task affects

5.2.7: Network management
TISAX
14.5.10.b): Prieigos kontrolė
NIS2 Lithuania
PR.IR-01: Unauthorized access to networks and environments
NIST 2.0
Članak 30.1.e: Sigurnost u nabavi, razvoju i održavanju mrežnih i informacijskih sustava
NIS2 Croatia
3.1.8: Säkrade lösningar för kommunikation
NIS2 Sweden
See all related requirements and other information from tasks own page.
Go to >
Detailed procedures for the management, control and segmentation of networks
System hardening through minimization of active services
Critical
High
Normal
Low
Network security
2
requirements

Examples of other requirements this task affects

TEK-10.1: Järjestelmäkovennus - käytössä olevien palveluiden minimointi
Julkri
I-08: PRINCIPLE OF MINIMALITY AND OF LEAST PRIVILEGE - SYSTEMS HARDENING
Katakri 2020
See all related requirements and other information from tasks own page.
Go to >
System hardening through minimization of active services
Monitoring configurations
Critical
High
Normal
Low
Network security
10
requirements

Examples of other requirements this task affects

8.9: Configuration management
ISO 27001
1.2.4: Definition of responsibilities with service providers
TISAX
DE.CM-7: Monitoring for unauthorized personnel, connections, devices, and software is performed.
CyberFundamentals
2.5.1: Control data flow between network zones
NSM ICT-SP
2.3.5: Verify that activated security configurations comply with the organisation’s approved security configurations
NSM ICT-SP
See all related requirements and other information from tasks own page.
Go to >
Monitoring configurations

Never duplicate effort. Do it once - improve compliance across frameworks.

Reach multi-framework compliance in the simplest possible way
Security frameworks tend to share the same core requirements - like risk management, backup, malware, personnel awareness or access management.
Cyberday maps all frameworks’ requirements into shared tasks - one single plan that improves all frameworks’ compliance.
Do it once - we automatically apply it to all current and future frameworks.
Start free trial
Get to know Cyberday
Start your free trial
Cyberday is your all-in-one solution for building a secure and compliant organization. Whether you're setting up a cyber security plan, evaluating policies, implementing tasks, or generating automated reports, Cyberday simplifies the entire process.
With AI-driven insights and a user-friendly interface, it's easier than ever to stay ahead of compliance requirements and focus on continuous improvement.
Clear framework compliance plans
Activate relevant frameworks and turn them into actionable policies tailored to your needs.
Credible reports to proof your compliance
Use guided tasks to ensure secure implementations and create professional reports with just a few clicks.
AI-powered improvement suggestions
Focus on the most impactful improvements in your compliance with help from Cyberday AI.
Effortless compliance improvement
Widest framework library in EU
Extensive support

Start your compliance journey

Use in MS Teams or use your browser with Slack integration.
Risk free trial. No credit card required. Stop at any time.

Start free 14-day trial
Book a meeting
How it works?
SummarySecurity tasks and assuranceDocumentation workflowsEmployee guidelinesReporting templates
Use cases
By frameworkAll frameworksISO 27001NIS2 directiveNIST CSFCSA CCMISO 27701GDPRISO 27017ISO 27018
By methodCyber risk managementEmployee awarenessCompliance reportingControl managementAsset managementPrivacy managementVendor assessments
Resources
AcademyWebinarsBlogHelp articlesVideo coursesContent libraryGuidesNewsletterLeave a reviewPartner programTeamTerms of usePrivacy policy
Contact us
+358 10 231 6010
team@cyberday.ai
App works in:
Known in Finland as Digiturvamalli
© Cyberday Inc. Kalevantie 2 33100 Tampere, Finland
Cyberday.ai - Improve and certify your cyber security