Requirement:
The cybersecurity requirements for network security management must be implemented.
Control Implementation Guidelines:
- Implement all cybersecurity requirements for network security in the organization, including the following:
- Ensure physical or logical segregation and division of the organization's network parts
- Use Firewall to protect the organization's networks
- Implement the principle of multi-stage security defense (Defense-in-Depth) to provide advanced and more effective protection for the organization's network devices
- Isolate the production environment network from the development and testing networks of the organization
- Ensure security of navigation and internet connection in the organization, including setting up network devices and restricting access to suspicious websites
- Protect the internet browsing channel from advanced persistent threats
- Ensure the security and protection of wireless networks at the organization
- Ensure the security of the organization's network ports, protocols, and services restrictions and management
- Use advanced protection systems to detect and prevent intrusions in the organization's networks
- Ensure the security of the organization's DNS
- Establish procedures to ensure the continuous implementation of cybersecurity requirements adopted for the organization's network security management in accordance with the relevant laws and regulations
Expected Deliverables:
- An action plan to implement the cybersecurity requirements of information and technology assets management
- Sample showing the implementation of the organization's network security management controls, including but not limited to:
- Sample that shows the organization's use of modern technologies for network security management, as well as restrictions and management of network ports, protocols and services
- Sample that shows network configuration to prevent critical systems from being connected to the organization's wireless network
- Sample showing implementation of logical isolation between production environment network, test environment network, and other networks
- Sample of defined and approved procedures for handling critical network devices and systems of the organization
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
CMMC Level 1 Compliance
Become compliant, provide compliance services, or verify partner compliance with CMMC Level 1 Basic Safeguarding of Covered Contractor Information Systems requirements.
NIST SP 800-171 & CMMC Level 2 Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC Level 2 requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.