The entity implements logical access security measures to protect against threats from sources outside its system boundaries Restricts Access — The types of activities that can occur through a communication channel (for example, FTP site, router port) are restricted. Protects Identification and Authentication Credentials — Identification and authentication credentials are protected during transmission outside its system boundaries.. Requires Additional Authentication or Credentials — Additional authentication information or credentials are required when accessing the system from outside its boundaries.. Implements Boundary Protection Systems — Boundary protection systems (for example, firewalls, demilitarized zones, and intrusion detection systems) are implemented to protect external access points from attempts and unauthorized access and are monitored to detect such attempts..