Controlling cyber (or network) access is always a main concern to limit threat vectors for lateral movement once they have gained a stepping stone within the infrastructure.
The physical access aspect must not be forgotten. No matter how sophiscated controls are implemented and in place, if the core equipment is exposed to access at wish, this will defeat all these cyber controls.
Bear in mind that all controls are to defer the access as much as possible. There is no bullet proof solution. A comprehensive risk assessment against the target of evaluation is very important to develop effective compensating controls.