← Back to catalog
SC-32
System Partitioning
System and Communications Protection (SC)
Baselines
Low · Not includedModerate · Not includedHigh · Not included
Description
Partition the system into [assignment] residing in separate [assignment] domains or environments based on [assignment].
Discussion
System partitioning is part of a defense-in-depth protection strategy. Organizations determine the degree of physical separation of system components. Physical separation options include physically distinct components in separate racks in the same room, critical components in separate rooms, and geographical separation of critical components. Security categorization can guide the selection of candidates for domain partitioning. Managed interfaces restrict or prohibit network access and information flow among partitioned system components.
Implementation guidance
No content available.
CSF 2.0 crosswalk
PR.DS-01The confidentiality, integrity, and availability of data-at-rest are protectedProtect
PR.DS-10Protect