CMMC v2.0_SC.L2-3.13.12

CMMC v2.0

3.13 SYSTEM AND COMMUNICATIONS PROTECTION

SC.L2-3.13.12

Monitor control and protect communications (i.e. information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems

Communications can be monitored controlled and protected at boundary components and by restricting or prohibiting interfaces in organizational systems. Boundary components include gateways routers firewalls guards network-based malicious code analysis and virtualization systems or encrypted tunnels implemented within a system security architecture (e.g. routers protecting firewalls or application gateways residing on protected subnetworks). Restricting or prohibiting interfaces in organizational systems includes restricting external web communications traffic to designated web servers within managed interfaces and prohibiting external traffic that appears to be spoofing internal addresses.Organizations consider the shared nature of commercial telecommunications services in the implementation of security requirements associated with the use of such services. Commercial telecommunications services are commonly based on network components and consolidated management systems shared by all attached commercial customers and may also include third party-provided access lines and other service elements. Such transmission services may represent sources of increased risk despite contract security provisions.[SP 800-41] provides guidance on firewalls and firewall policy. [SP 800-125B] provides guidance on security for virtualization technologies.

 

Click here to Start your FREE trial today!

Explainer video

 

What is a Cybersecurity Compliance Framework?

You don’t need to clutter your security and privacy programs with an ever-increasing number of tools as they become more sophisticated. The Lionfish platform offers a one-stop solution to track progress and monitor any framework, from custom-built ones to highly-specialized and in-demand top security and privacy frameworks and certifications.

With the Lionfish platform, every framework is supported with guided scoping, policies, controls, automated evidence collection, and continuous monitoring, ensuring efficient preparation for audits or attestation in minimal time.

The Lionfish platform is compatible with a wide range of security and privacy frameworks, including:

Click here to Start your FREE trial today!

Explainer video