In a multilevel secure environment, you should treat the intraensemble data network (IEDN) and the OSA-Express for zBX (OSX) interfaces as any other data network with OSA-Express access. Because access to the IEDN through dynamic Internal Queued Direct I/O extensions (IQDX) interfaces is dependent on OSX access, traffic that is permitted or restricted over OSX interfaces is similarly permitted or restricted over IQDX interfaces. However, the intranode management network (INMN) and the OSA-Express for Unified Resource Manager (OSM) interfaces require special considerations. For information about these additional considerations, see Preparing for IP networking in a multilevel secure environment.
If you are using network access control, the IEDN and the OSX interfaces are subject to the same network access control as any other data network with OSA-Express access. Because access to the IEDN through dynamic IQDX interfaces is dependent on OSX access, traffic that is permitted or restricted over OSX interfaces is similarly permitted or restricted over IQDX interfaces. However, all traffic to and from the INMN over OSM interfaces is exempt from network access control, and is instead subject to OSM access control. Only multicast addresses to which a platform management application binds are subject to network access control.