Network Communications – Deny by Default – Allow by Exception from NIST 800-171 Rev 3 framework

SAMMY works best on screens 1024px wide or larger.

Access Control
Awareness and Training
- Literacy Training and Awareness
- Role-Based Training
Audit and Accountability
Configuration Management
Identification and Authentication
Incident Response
Maintenance
Media Protection
Personnel Security
- Personnel Screening
- Personnel Termination and Transfer
Physical Protection
Risk Assessment
Security Assessment and Monitoring
System and Communications Protection
System and Information Integrity
Planning
System and Services Acquisition
Supply Chain Risk Management

03.13.06: Network Communications – Deny by Default – Allow by Exception

Network Communications – Deny by Default – Allow by Exception

03.13.06: Network Communications – Deny by Default – Allow by Exception

Deny network communications traffic by default, and allow network communications traffic by exception.

Description

This requirement applies to inbound and outbound network communications traffic at the system boundary and at identified points within the system. A deny-all, allow-by-exception network communications traffic policy ensures that only essential and approved connections are allowed.