STIGs RMF Controls Compare

STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago

Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.

← SC-7 (3) — Boundary Protection

CCI-001101

Definition

Limit the number of external network connections to the system.

Parent Control

SC-7 (3)Boundary ProtectionSystem and Communications Protection

Linked STIG Checks (3)

V-251333CAT IWritten mission justification approval must be obtained from the Office of the DoD CIO prior to establishing a direct connection to the Internet via commercial service provider outside DoD CIO approved Internet access points (e.g. DISA IAP, Cloud Access Point, NIPRnet Federated Gateway, DREN IAP, etc.).Network Infrastructure Policy Security Technical Implementation Guide V-251357CAT IIIf the site has a non-DoD external connection (i.e. Approved Gateway), an Intrusion Detection and Prevention System (IDPS) must be located between the sites Approved Gateway and the perimeter router.Network Infrastructure Policy Security Technical Implementation Guide V-281346CAT IIRHEL 10 must prevent Internet Protocol version 4 (IPv4) Internet Control Message Protocol (ICMP) redirect messages from being accepted.Red Hat Enterprise Linux 10 Security Technical Implementation Guide