Air-gap or network isolated network references

[SteveLasker]

Section 3.7. Authentic Software Components in Air-Gapped Infrastructure uses the term "air-gapped" and "off-line". While "air-gapped" is a common term, it's often used to refer to highly isolated environments. While users are embracing cloud environments, they still wish to maintain network isolation, through virtual private networks. Can/should we reword this section to refer to the more common network isolated environments? The subtle difference between network-isolated and air-gapped is a network-isolated environment may enable ingress/egress rules while an air-gapped environment may implement a data-diode that allows content to go into an environment but the environment can never reach out. (diode = one-way)

[OR13]

It seems worth while to address the isolation levels since each might have different challenges:

• software isolation (like browsers have for private keys per origin) (same device)
• hardware isolation TPM / TEE (same device)
• hardware gapped networks (network of devices)
• software gapped networks / private clouds ( is there a better word for this ? ) (network of devices)