FedRAMP Control Explorer

Controls

Access Control

Assessment, Authorization, and Monitoring

Audit and Accountability

Awareness and Training

Configuration Management

Contingency Planning

Identification and Authentication

Incident Response

Maintenance

Media Protection

Personnel Security

Physical and Environmental Protection

Planning

Risk Assessment

Supply Chain Risk Management

System and Communications Protection

System and Information Integrity

System and Services Acquisition

SC-10 Network Disconnect

Control

Terminate the network connection associated with a communications session at the end of the session or after [no longer than ten (10) minutes for privileged sessions and no longer than fifteen (15) minutes for user sessions] of inactivity.

Discussion

Network disconnect applies to internal and external networks. Terminating network connections associated with specific communications sessions includes de-allocating TCP/IP address or port pairs at the operating system level and de-allocating the networking assignments at the application level if multiple application sessions are using a single operating system-level network connection. Periods of inactivity may be established by organizations and include time periods by type of network access or for specific network accesses.

FedRAMP-Defined Assignment / Selection Parameters

N/A