OpenStack Platform 13 - System and Communications Protection

Control responses for NIST 800-53 rev4.


Requirements Traceability Matrix

Control Name Status
SC-1 System And Communications Protection Policy And Procedures

not applicable

SC-2 Application Partitioning

planned

SC-2 (1) Interfaces For Non-Privileged Users
SC-3 Security Function Isolation
SC-3 (1) Hardware Separation
SC-3 (2) Access / Flow Control Functions
SC-3 (3) Minimize Nonsecurity Functionality
SC-3 (4) Module Coupling And Cohesiveness
SC-3 (5) Layered Structures
SC-4 Information In Shared Resources

planned

SC-4 (1) Security Levels
SC-4 (2) Periods Processing
SC-5 Denial Of Service Protection

not applicable

SC-5 (1) Restrict Internal Users
SC-5 (2) Excess Capacity / Bandwidth / Redundancy
SC-5 (3) Detection / Monitoring
SC-6 Resource Availability

planned

SC-7 Boundary Protection

planned

SC-7 (1) Physically Separated Subnetworks
SC-7 (2) Public Access
SC-7 (3) Access Points

planned

SC-7 (4) External Telecommunications Services

planned

SC-7 (5) Deny By Default / Allow By Exception

planned

SC-7 (6) Response To Recognized Failures
SC-7 (7) Prevent Split Tunneling For Remote Devices

planned

SC-7 (8) Route Traffic To Authenticated Proxy Servers

planned

SC-7 (9) Restrict Threatening Outgoing Communications Traffic
SC-7 (10) Prevent Unauthorized Exfiltration

planned

SC-7 (11) Restrict Incoming Communications Traffic
SC-7 (12) Host-Based Protection

planned

SC-7 (13) Isolation Of Security Tools / Mechanisms / Support Components

not applicable

SC-7 (14) Protects Against Unauthorized Physical Connections
SC-7 (15) Route Privileged Network Accesses
SC-7 (16) Prevent Discovery Of Components / Devices
SC-7 (17) Automated Enforcement Of Protocol Formats
SC-7 (18) Fail Secure