W. Va. Code R. § 179-10-17

Current through Register Vol. XLI, No. 50, December 13, 2024
Section 179-10-17 - Security Requirements
17.1. Networks should be logically separated so that there should be no network traffic on a network link that cannot be serviced by hosts on that link.
17.2. Networks must meet all of the following requirements to assure security:
17.2.1. The failure of any single item should not result in denial of service;
17.2.2. An intrusion detection system/intrusion system must be installed on the network and monitored.
17.2.3. Each server instance in cloud and virtualized environments should perform only one function.
17.2.4. In virtualized environments, redundant server instances cannot run under the same hypervisor.
17.2.5. Stateless protocols should not be used for sensitive data without stateful transport.
17.2.6. All changes to the network infrastructure must be logged and configuration documentation updated.

W. Va. Code R. § 179-10-17