Control requirements

Implementation guidance

See the resources that follow to learn more about how to implement this control.

• Connectivity to IBM Cloud services with Satellite Link

• Ensuring isolation between Satellite management functions and workload functions

• Accessing external resources from the Satellite location

• Consumer connectivity to workload resources

• Creating and connecting the management and workload VPCs

• Accessing the public internet

• Connectivity to IBM Cloud services with private endpoints

• Consumer connectivity to workload VPC

NIST supplemental guidance

Denial-of-service events may occur due to a variety of internal and external causes, such as an attack by an adversary or a lack of planning to support organizational needs with respect to capacity and bandwidth. Such attacks can occur across a wide range of network protocols (e.g., IPv4, IPv6). A variety of technologies are available to limit or eliminate the origination and effects of denial-of-service events. For example, boundary protection devices can filter certain types of packets to protect system components on internal networks from being directly affected by or the source of denial-of-service attacks. Employing increased network capacity and bandwidth combined with service redundancy also reduces the susceptibility to denial-of-service events.