Administrative interfaces (other than application-level) are only accessible from an internal zone designated for administrative tasks. Access to this zone is secured via jumpservers. These jumpservers are used exclusively for the privileged actions.
Specification
There is a security architecture which describes the segments and this architecture is implemented
ISO 27001 & 27002:2022
A8.2,
A8.5,
A8.15,
A8.20,
A8.21,
A8.22
SURF toetsingskader informatiebeveiliging (NBA-volwassenheidsmodel)
SM.11 Network security
ID.03 Super users