Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Network Infrastructure Policy Security Technical Implementation Guide
NET0348
All Internet-facing applications must be hosted in a DoD Demilitarized Zone (DMZ) Extension.
All Internet-facing applications must be hosted in a DoD Demilitarized Zone (DMZ) Extension.
An XCCDF Rule
Details
Profiles
Prose
All Internet-facing applications must be hosted in a DoD Demilitarized Zone (DMZ) Extension.
Medium Severity
<VulnDiscussion>Without the protection of a DMZ, production networks will be prone to outside attacks as they are allowing externally accessible services to be accessed on the internal LAN. This can cause many undesired consequences such as access to the entire network, Denial of Service attacks, or theft of sensitive information.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>