Skip to main content

SC-7 Boundary Protection

Description

This Control addresses how the university monitors and controls networks at the external boundary of the network and at key internal boundaries within the network.

Applicability

  • The Chief Information Security Officer (CISO), or designee, is responsible for implementing this Control.

Implementation

  • 1 - The CISO, or designee, is responsible for:

    • 1.1 - Monitoring and controlling the external boundary of the network and at key internal boundaries within the network;
    • 1.2 - Implementing subnetworks for publicly accessible system components that are logically separated from internal university networks; and
    • 1.3 - Ensuring that connections to external networks or information systems occur only through managed interfaces consisting of boundary protection devices arranged in accordance with an approved security architecture.