L1 Essential
Automated verification

9.3 Network Isolation

9. Operational Security: How do we run agents safely?

Description

Agent network access MUST be restricted to required endpoints only.

Rationale

Unrestricted network access enables data exfiltration and lateral movement.

Audit Procedure

1. List all network connections
2. Check firewall rules
3. Verify egress filtering
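
One way to automate steps 1 and 3 of the audit, as an added example that is not part of the control's own text: it parses `ss -tn`-style output and reports established connections whose remote endpoint is not on an allowlist. The allowlist entries, the sample addresses (documentation ranges) and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed allowlist: (network, port) pairs the agent is required to reach.
ALLOWED = [
    (ipaddress.ip_network("192.0.2.10/32"), 443),    # hypothetical model API
    (ipaddress.ip_network("198.51.100.0/24"), 443),  # hypothetical egress proxy range
]

# Constructed sample in the column layout of `ss -tn` (not captured from a real host).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port   Peer Address:Port
ESTAB  0      0      10.0.0.5:51324       192.0.2.10:443
ESTAB  0      0      10.0.0.5:51400       198.51.100.7:443
ESTAB  0      0      10.0.0.5:40022       203.0.113.50:22
ESTAB  0      0      10.0.0.5:51410       192.0.2.10:80
ESTAB  0      0      [fd00::5]:51500      [2001:db8::1]:443
"""

def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (ip_address, port)."""
    host, _, port = endpoint.rpartition(":")
    return ipaddress.ip_address(host.strip("[]")), int(port)

def is_allowed(addr, port, allowed=ALLOWED):
    """True only if both the address and the port match one allowlist entry."""
    return any(addr in net and port == p for net, p in allowed)

def find_violations(ss_output, allowed=ALLOWED):
    """Return (peer_ip, port) for established connections outside the allowlist."""
    violations = []
    for line in ss_output.splitlines()[1:]:       # skip the header row
        fields = line.split()
        if len(fields) < 5 or fields[0] != "ESTAB":
            continue
        addr, port = split_endpoint(fields[4])
        if addr.is_loopback:
            continue                               # local IPC is not egress
        if not is_allowed(addr, port, allowed):
            violations.append((str(addr), port))
    return violations

if __name__ == "__main__":
    for peer, port in find_violations(SAMPLE_SS):
        print(f"NOT ALLOWLISTED: {peer}:{port}")
```

A snapshot of established connections misses short-lived ones, so the same allowlist comparison should also be run over firewall or egress proxy logs covering the audit period.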

Remediation

1. Implement network policies
2. Use egress proxy
3. Implement DNS filtering

Framework Mappings

CIS Control 12.2
NIST PR.AC-5