Back to Control Explorer
SC.5.230
Content
Control Acronym
SC
Family
System And Communications Protection
CMMC Level
5
800-171 Control #
N/A
CMMC Description
Enforce port and protocol compliance.
CMMC Clarification
Organizations shall enforce traffic crossing the network boundary is in compliance with the standard for the protocol in question and using the appropriate well-known port. If the port or protocol is not known the traffic should be blocked. Example 1 You are a network engineer for your organization. You have a NextGen firewall installed on the Internet edge of the network and have configured the firewall to perform protocol enforcement and block traffic that is not known or specifically approved by the organization’s security policy. Example 2 You are a network engineer for your organization. You have configured the IPS device to monitor and block traffic that is not in compliance with standard or protocols approved for users to access the Internet.
800-171 Description
800-171 Discussion
N/A
Other Source Discussion
CMMC Malicious actors are able to perform command and control and exfiltration of data by running their own protocols over well-known ports or by hijacking fields within a common protocol. By defining allowed ports and protocols, and only allowing proper protocol syntax on the correct authorized ports, the malicious activity is stopped.
CIS Control References
CIS Controls v7.1 9.2
NIST 800-53 Control Ref.
NIST 800-53 Rev 4 SC-7(17)
CMMC Derived
CMMC