ISM-1521 ASD Information Security Manual (ISM)

Use Protocol Breaks to Separate Network Layers

Ensure data flows are separated by breaking protocols at each network level for security.

Framework: ASD Information Security Manual (ISM)

Control effect: Preventative

Classifications: S, TS

ISM last updated: Feb 2022

Control Stack last updated: 22 Feb 2026

E8 maturity levels: N/A

Official control statement
CDSs implement protocol breaks at each network layer.

Source: ASD Information Security Manual (ISM)

Plain language

This control is about making sure that the flow of data through different networks has breaks between each layer. Think of it like having walls between rooms in your house to keep each section private and secure. If you don't have these breaks, sensitive information could leak from one network area to another, creating a risk of data breaches.

Why it matters

Without protocol breaks between network layers, traffic can traverse unintended paths, enabling cross-layer data leakage and raising the likelihood of compromise.

Operational notes

Regularly verify protocol breaks at each network layer (e.g., gateways/guards), review boundary rules, and monitor for misconfigurations that enable unintended cross-layer flows.

Implementation tips

  • The IT team should identify where data crosses from one network to another within the organisation. They can do this by mapping out the data paths and the points where different network systems connect, using simple diagrams or lists.
  • System administrators should set up protocol breaks at these identified crossing points. This involves creating a separate point where data from one network is checked and possibly transformed into a different format before it continues to the next network layer.
  • Managers should ensure the protocol break systems have regular checks by IT staff. They can set up a schedule for these checks, ensuring the security settings are up-to-date and functioning as intended.
  • Security officers should conduct training sessions for staff about the importance of protocol breaks. The training should include what protocol breaks are and why they are critical for safeguarding sensitive data.
  • System owners should work with IT teams to document the areas where protocol breaks are implemented. They need to create a clear document that lists these points and describes how each break functions to maintain security.

Audit / evidence tips

  • Ask for the network diagram showing protocol breaks: request the current network diagram that includes marked points of protocol breaks.

    Good: A diagram with distinct, labeled protocol break points across different network layers.

  • Ask to see the documentation on protocol break procedures: request documents detailing how data is processed at each protocol break.

    Good: Comprehensive instructions for each break point, including any transformation or checks done.

  • Ask for logs of regular protocol break checks: request the records showing when and how often the protocol breaks are checked.

    Good: Logs with regular dates and clear descriptions of the monitoring activities.

  • Ask to review staff training records on protocol breaks: request records or certificates of staff training sessions about protocol breaks.

    Good: Documented evidence of regular training sessions with high staff attendance.

  • Ask for system configuration settings: request access to the configuration settings where protocol breaks are enforced.

    Good: Configuration settings align exactly with documented procedures and show evidence of regular updates.

Cross-framework mappings

How ISM-1521 relates to controls across ISO/IEC 27001, Essential Eight, and ASD ISM.

These mappings show relationships between controls across frameworks. They do not imply full equivalence or certification.

ISO 27001

Partially meets (1)

  • Annex A 8.20: ISM-1521 requires CDSs to implement protocol breaks at each network layer to enforce strong separation of data flows between layers

Supports (1)

  • Annex A 8.22: ISM-1521 requires CDSs to implement protocol breaks at each network layer to prevent direct end-to-end protocol continuity and reduce cro...
