Red Hat Virtualization Manager - System and Communications Protection

Control responses for NIST 800-53 rev4.


Requirements Traceability Matrix

Control Name Status
SC-1 System And Communications Protection Policy And Procedures

not applicable

SC-2 Application Partitioning

planned

SC-2 (1) Interfaces For Non-Privileged Users

planned

SC-3 Security Function Isolation

planned

SC-3 (1) Hardware Separation

not applicable

SC-3 (2) Access / Flow Control Functions

planned

SC-3 (3) Minimize Nonsecurity Functionality

planned

SC-3 (4) Module Coupling And Cohesiveness

planned

SC-3 (5) Layered Structures

not applicable

SC-4 Information In Shared Resources

planned

SC-4 (1) Security Levels

not applicable

SC-4 (2) Periods Processing

planned

SC-5 Denial Of Service Protection

planned

SC-5 (1) Restrict Internal Users

planned

SC-5 (2) Excess Capacity / Bandwidth / Redundancy

planned

SC-5 (3) Detection / Monitoring

not applicable

SC-6 Resource Availability

planned

SC-7 Boundary Protection

planned

SC-7 (1) Physically Separated Subnetworks

not applicable

SC-7 (2) Public Access

not applicable

SC-7 (3) Access Points

planned

SC-7 (4) External Telecommunications Services

not applicable

SC-7 (5) Deny By Default / Allow By Exception

planned

SC-7 (6) Response To Recognized Failures

not applicable

SC-7 (7) Prevent Split Tunneling For Remote Devices

planned

SC-7 (8) Route Traffic To Authenticated Proxy Servers

not applicable

SC-7 (9) Restrict Threatening Outgoing Communications Traffic

not applicable

SC-7 (10) Prevent Unauthorized Exfiltration

not applicable

SC-7 (11) Restrict Incoming Communications Traffic

planned

SC-7 (12) Host-Based Protection

planned

SC-7 (13) Isolation Of Security Tools / Mechanisms / Support Components

planned

SC-7 (14) Protects Against Unauthorized Physical Connections

planned

SC-7 (15) Route Privileged Network Accesses

planned

SC-7 (16) Prevent Discovery Of Components / Devices

planned

SC-7 (17) Automated Enforcement Of Protocol Formats

planned

SC-7 (18) Fail Secure

not applicable

SC-7 (19) Blocks Communication From Non-Organizationally Configured Hosts

planned

SC-7 (20) Dynamic Isolation / Segregation

planned

SC-7 (21) Isolation Of Information System Components

planned

SC-7 (22) Separate Subnets For Connecting To Different Security Domains

planned

SC-7 (23) Disable Sender Feedback On Protocol Validation Failure

planned

SC-8 Transmission Confidentiality And Integrity

planned

SC-8 (1) Cryptographic Or Alternate Physical Protection

planned

SC-8 (2) Pre / Post Transmission Handling

planned

SC-8 (3) Cryptographic Protection For Message Externals

planned

SC-8 (4) Conceal / Randomize Communications

planned

SC-9 Transmission Confidentiality

not applicable

SC-10 Network Disconnect

planned

SC-11 Trusted Path

planned

SC-11 (1) Logical Isolation

planned

SC-12 Cryptographic Key Establishment And Management
SC-12 (1) Availability
SC-12 (2) Symmetric Keys
SC-12 (3) Asymmetric Keys
SC-12 (4) Pki Certificates