STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Cloud Computing Mission Owner Network Security Requirements Guide

V-259866

CAT II (Medium)

The Infrastructure as a Service (IaaS)/Platform as a Service (PaaS) must be configured to maintain separation of all management and data traffic.

Rule ID

SV-259866r945586_rule

STIG

Cloud Computing Mission Owner Network Security Requirements Guide

Version

V1R2

CCIs

CCI-001097

Discussion

The Virtual Datacenter Management system provides a management plane for privileged access and communications. Separation of management and user traffic, including access to the customer service portal, is provided to the DOD Mission Owner by the cloud service provider (CSP) to provision and configure cloud service offerings. Additionally, service endpoints for application program interfaces (APIs) and command line interfaces (CLIs) are available as part of the Customer Portal network. These systems can be accessed through the internet by DOD privileged users only (e.g., DOD system and network administrators).

Check Content

This applies to all Impact Levels.

If this is a Software as a Service (SaaS) implementation, this is not a finding.

Verify the IaaS/PaaS is configured to maintain logical separation of all management and data traffic.

If the IaaS/PaaS does not maintain separation of all management and data traffic, this is a finding.

Fix Text

This applies to all Impact Levels.
FedRAMP Moderate, High.

Configure the IaaS/PaaS to maintain separation of all management and data traffic.