STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AC-4 (1) — Information Flow Enforcement

CCI-002190

Definition

Use organization-defined security attributes associated with organization-defined information, source, and destination objects to enforce organization-defined information flow control policies as a basis for flow control decisions.

Parent Control

AC-4 (1)Information Flow EnforcementAccess Control

Linked STIG Checks (7)

V-204986CAT IIThe ALG that is part of a CDS must use source and destination security attributes associated with organization-defined information, source, and/or destination objects to enforce organization-defined information flow control policies as a basis for flow control decisions.Application Layer Gateway Security Requirements Guide V-220130CAT IIThe Arista Multilayer Switch must enforce information flow control using explicit security attributes (for example, IP addresses, port numbers, protocol, Autonomous System, or interface) on information, source, and destination objects.Arista MLS DCS-7000 Series RTR Security Technical Implementation Guide V-278972CAT IIThe firewall must use organization-defined security attributes associated with organization-defined information, source, and destination objects to enforce organization-defined information flow control policies as a basis for flow control decisions.Firewall Security Requirements Guide V-278978CAT IIThe IDPS must use organization-defined security attributes associated with organization-defined information, source, and destination objects to enforce organization-defined information flow control policies as a basis for flow control decisions.Intrusion Detection and Prevention Systems Security Requirements Guide V-278982CAT IIThe layer 2 switch must use organization-defined security attributes associated with organization-defined information, source, and destination objects to enforce organization-defined information flow control policies as a basis for flow control decisions.Layer 2 Switch Security Requirements Guide V-279000CAT IIThe router must use organization-defined security attributes associated with organization-defined information, source, and destination objects to enforce organization-defined information flow control policies as a basis for flow control decisions.Router Security Requirements Guide V-279020CAT IIThe VPN Gateway must use organization-defined security attributes associated with organization-defined information, source, and destination objects to enforce organization-defined information flow control policies as a basis for flow control decisions.Virtual Private Network (VPN) Security Requirements Guide