Controls

Terug naar overzicht
Version

SB.11.004 Network Segmentation and zoning

Medium
Medium
Medium
Network Security
Organisation
v2.0 (Q1 2024)

Description

Networks are segmented if they serve different business purposes or have differing risk levels, determined by the classification of the assets in the same segment.

Each network segment is separated by a (virtual) Firewall.

Best practices for Network Naming Security are followed.

Managed systems belong to one organisationally managed security domain.

Specification

DNS servers only allow zone transfers between authorised internal DNS servers.

DNSSEC is implemented for DNS zones owned by the organisation.