Section 999.144 - ERDS Security Requirements for Network Security(a) An ERDS shall be required to meet all of the network security requirements as follows: (1) ERDS shall comply with the minimum requirements set forth in NIST Special Publication 800-52 Revision 1, Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations (publication date, April 2014).(2) Network security controls shall be implemented to prevent unauthorized network traffic from reaching ERDS components.(3) ERDS components shall be protected from unauthorized network access. Network perimeter security controls shall be implemented to prevent unauthorized network traffic from reaching ERDS components. At a minimum, network devices shall do all of the following:(A) Employ stateful packet inspection.(B) Block unauthorized connections by limiting connection attempts addressed to ERDS components to those necessary for ERDS operation.(C) Be designed and configured to fail securely in the event of an operational failure.(D) An intrusion detection and prevention technology shall be configured to alert and or prevent intrusion into the ERDS.Cal. Code Regs. Tit. 11, § 999.144
1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsections (a)(3) and (a)(4) filed 8-11-2014; operative 10-1-2014 (Register 2014, No. 33).
3. Amendment filed 10-7-2019; operative 1-1-2020 (Register 2019, No. 41). Note: Authority cited: Section 27393, Government Code. Reference: Sections 27393(b)(2) and 27397.5, Government Code.
1. New section filed 7-31-2007; operative 8-30-2007 (Register 2007, No. 31).
2. Amendment of subsections (a)(3) and (a)(4) filed 8-11-2014; operative 10/1/2014 (Register 2014, No. 33).
3. Amendment filed 10-7-2019; operative 1/1/2020 (Register 2019, No. 41).