Gitlab hero border pattern left svg Gitlab hero border pattern right svg

NO.1.01 - Network Policy Enforcement Points Control Guidance

On this page

NO.1.01 - Network Policy Enforcement Points

Control Statement

Network traffic to and from untrusted networks passes through a policy enforcement point; firewall rules are established in accordance to identified security requirements and business justifications.

Context

Effective network traffic policies help minimize the risk of network-based attacks, including denial of service attacks and malicious data exfiltration. By requiring ingress and egress rules be mapped to security requirements and business justifications, we can limit the number of unnecessarily open ports to protect customer, GitLab team-member teammember, and partner data.

Scope

This control applies to any GitLab system or infrastructure.

Ownership

TBD

Implementation Guidance

For detailed implementation guidance relevant to GitLab team-members, refer to the full guidance documentation.

For all reference links relevant to this control, refer to the full guidance documentation.

Examples of evidence an auditor might request to satisfy this control

For examples of evidence an auditor might request, refer to the full guidance documentation.

Framework Mapping