Guard (System)

From FISMApedia

Jump to: navigation, search

NIST SP 800-53r1

A mechanism limiting the exchange of information between information systems or subsystems.

NIST SP 800-53r2

A mechanism limiting the exchange of information between information systems or subsystems. (CNSS Inst. 4009, Adapted)

NSTISSAM COMPUSEC/1-98

Guards are distinguished from firewalls in three major ways: a. Guards have an application filtering capability that is much stronger than a typical application filtering firewall. Guards use a reclassifier application to control what data is passed from one enclave to another. The reclassifier application uses a collection of filters to review application data content. b. Guard software is generally developed to meet higher assurance requirements. c. Guards undergo a much more extensive test and evaluation (e.g. source code analysis, unconstrained penetration testing, and design documentation review) to provide a significantly higher level of confidence that they will operate correctly.

Retrieved from "http://fismapedia.org/index.php?title=Guard_(System)"
Personal tools