Level 5 CMMC - CMMC Practices

SC.5.198  

Reference: CMMC 1.02

Family: SC

Level Introduced: 5

Practice:
Configure monitoring systems to record packets passing through the organization's Internet network boundaries and other organizationally defined boundaries.

CMMC Clarification:
The organization shall capture and save all packets traversing the network boundary for a period of time determined by the organization. The system will support detailed analysis of an event showing what packets were transmitted and received and be able to reconstruct and determine content transmitted during a specific time period.

Example
You manage security systems for the organization. You purchase a network recorder appliance and install it between the firewall and the Internet router to record all traffic entering or exiting the organization’s network. The network recorder is configured to retain three months of network traffic.

Source: CMMC v1.02