CFG-03.4: Split Tunneling

CFG-03.4 · Split Tunneling

Control Description

Mechanisms exist to prevent split tunneling for remote devices unless the split tunnel is securely provisioned using organization-defined safeguards.

Control Question

Assessment question for control validation

Does the organization prevent split tunneling for remote devices unless the split tunnel is securely provisioned using organization-defined safeguards? Prevent split tunneling for remote devices unless the split tunnel is securely provisioned using organization-defined safeguards?

Control Weighting

Validation Cadence

Annual

NIST CSF Function

Protect

Supply Chain Risk Management (SCRM) Tiers

Applicable SCRM tier levels for this control

Tier 3 - Tactical

Core Control Designations

Special designations and baseline inclusions

MAD: CFG-03.4