NIST 800-171 R-3.13.5

Implement DMZ Subnetworks

Official citation: 3.13.5

Class: core · Severity: high

Statement of the obligation — verify against source

3.13.5

What it means

Place publicly accessible components, like public-facing web servers, on subnetworks that are physically or logically separated from your internal networks — a DMZ — so internet-facing services can't serve as a direct path into the internal systems that hold CUI.

Educational reference only — not legal advice. Consult a qualified assessor or attorney for binding compliance determinations.