SI-4(10)—Information System Monitoring

PBMM (P2)

Secret (P2)

Operational

>Control Description

INFORMATION SYSTEM MONITORING | VISIBILITY OF ENCRYPTED COMMUNICATIONS The organization makes provisions so that ⚙organization-defined encrypted communications traffic is visible to ⚙organization-defined information system monitoring tools.

>Supplemental Guidance

Organizations balance the potentially conflicting needs for encrypting communications traffic and for having insight into such traffic from a monitoring perspective. For some organizations, the need to ensure the confidentiality of communications traffic is paramount; for others, mission-assurance is of greater concern. Organizations determine whether the visibility requirement applies to internal encrypted traffic, encrypted traffic intended for external destinations, or a subset of the traffic types.

>Tailoring Guidance

Control enhancement (10) requires that the organization ensures that traffic be decrypted at appropriate locations in the network to satisfy the monitoring requirement. For example, a border gateway may decrypt https session for malicious content verification. Emails may be decrypted at the end-user host and scanned for malicious content locally.

Ask AI

Configure your API key to use AI features.