Description

This Control addresses how the university monitors and controls networks at the external boundary of the network and at key internal boundaries within the network.

Applicability

  • The Chief Information Security Officer (CISO), or designee, is responsible for implementing this Control.

Implementation

  • 1

    The CISO, or designee, is responsible for:

    • 1.1

      Monitoring and controlling the external boundary of the network and at key internal boundaries within the network;

    • 1.2

      Implementing subnetworks for publicly accessible system components that are logically separated from internal university networks; and

    • 1.3

      Ensuring that connections to external networks or information systems occur only through managed interfaces consisting of boundary protection devices arranged in accordance with an approved security architecture.