Network protections include monitoring, analysis, and control of network traffic for selected security zones (for example, firewalls, allowlisting, intrusion detection and prevention systems (IDPS))
Context and Guidance: Network protections include capabilities to monitor, analyse, and control network traffic. Different security zones may require increased levels of network protections based on cybersecurity requirements. For example, if the organisation has a network segment for devices that connect via a guest Wi-Fi access point, network traffic may not be heavily monitored but there would be increased control to ensure it does not cross over to the internal network. As another example, a management network may be heavily monitored, actions performed on the network may be subject to increased analysis, and access may be strictly controlled.
Related Practices • Progression: This practice is part of a practice progression. Practice progressions are groups of related practices that represent increasingly complete or more advanced implementations of an activity. The practices in this progression include: ARCHITECTURE-2a, ARCHITECTURE-2c, ARCHITECTURE-2e, ARCHITECTURE-2f, ARCHITECTURE-2g, ARCHITECTURE-2k.