Network

See Networks

Cloud Controls Matrix (CCM) Data

SA-08 | Security Architecture | Network Security

Control Specification

Network environments shall be designed and configured to restrict connections between trusted and untrusted networks and reviewed at planned intervals, documenting the business justification for use of all services, protocols, and ports allowed, including rationale or compensating controls implemented for those protocols considered to be insecure. Network architecture diagrams must clearly identify high-risk environments and data flows that may have regulatory compliance impacts.

Architectural Relevance

Physical: True
Network: True
Compute: True
App: True
Data: True

Corp Gov Relevance

Corp Gov Relevance: False

Cloud Service Delivery Model Applicability

SaaS: True
PaaS: True
IaaS: True

Supplier Relationship

Service Provider: True
Tenant / Consumer: True

Scope Applicability

COBIT 4.1: (none listed)

HIPAA / HITECH Act: (none listed)

ISO/IEC 27001-2005:
A.10.6.1
A.10.6.2
A.10.9.1
A.10.10.2
A.11.4.1
A.11.4.5
A.11.4.6
A.11.4.7
A.15.1.4

NIST SP800-53 R3:
SC-7

FedRAMP (Final 2012) Low Impact:
NIST SP 800-53 R3 CM-7
NIST SP 800-53 R3 SC-7

FedRAMP (Final 2012) Moderate Impact:
NIST SP 800-53 R3 CM-7
NIST SP 800-53 R3 CM-7 (1)
NIST SP 800-53 R3 SC-7
NIST SP 800-53 R3 SC-7 (1)
NIST SP 800-53 R3 SC-7 (2)
NIST SP 800-53 R3 SC-7 (3)
NIST SP 800-53 R3 SC-7 (4)
NIST SP 800-53 R3 SC-7 (5)
NIST SP 800-53 R3 SC-7 (7)
NIST SP 800-53 R3 SC-7 (8)
NIST SP 800-53 R3 SC-7 (12)
NIST SP 800-53 R3 SC-7 (13)
NIST SP 800-53 R3 SC-7 (18)

PCI DSS v2.0:
1.1
1.1.2
1.1.3
1.1.5
1.1.6
1.2
1.2.1
2.2.2
2.2.3

BITS Shared Assessments SIG v6.0:
G.9.17, G.9.7, G.10, G.9.11, G.14.1, G.15.1, G.9.2, G.9.3, G.9.13

BITS Shared Assessments SIG v5.0:
G.2
G.4
G.15
G.16
G.17
G.18
I.3

GAPP (Aug 2009):
8.2.5

Jericho Forum:
Commandment #1
Commandment #2
Commandment #3
Commandment #9
Commandment #10
Commandment #11

NERC CIP:
CIP-004-3 R2.2.4

Consensus Assessments Initiative Questionnaire (CAIQ) Data

Security Architecture (SA) | ID #SA-08.1

For your IaaS offering, do you provide customers with guidance on how to create a layered security architecture equivalence using your virtualized solution?

Compliance Mapping

COBIT: (none listed)

HIPAA: (none listed)

ISO27001:
A.10.6.1
A.10.6.2
A.10.9.1
A.10.10.2
A.11.4.1
A.11.4.5
A.11.4.6
A.11.4.7
A.15.1.4

SP800_53:
NIST SP800-53 R3 SC-7

FedRAMP: (none listed)

PCI_DSS:
PCI DSS v2.0 1.1
PCI DSS v2.0 1.1.2
PCI DSS v2.0 1.1.3
PCI DSS v2.0 1.1.5
PCI DSS v2.0 1.1.6
PCI DSS v2.0 1.2
PCI DSS v2.0 1.2.1
PCI DSS v2.0 2.2.2, PCI DSS v2.0 2.2.3

BITS: (none listed)

GAPP:
GAPP Ref 8.2.5

Model Applicability

SaaS: True
PaaS: True
IaaS: True

Scope Applicability

SP: True
CUST: True