Network Infrastructure Management
Centralize network AAA.
Network Infrastructure Management
Use secure network management and communication protocols (e.g., 802.1X, Wi-Fi Protected Access 2 (WPA2) Enterprise or greater).
Network Infrastructure Management
Level 2
Require users to authenticate to enterprise-managed VPN and authentication services prior to accessing enterprise resources on end-user devices.
Network Infrastructure Management
Establish and maintain dedicated computing resources, either physically or logically separated, for all administrative tasks or tasks requiring administrative access. The computing resources should be segmented from the enterprise's primary network and not be allowed internet access.
Network Infrastructure Management
Establish and maintain dedicated computing resources, either physically or logically separated, for all administrative tasks or tasks requiring administrative access. The computing resources should be segmented from the enterprise's primary network and not be allowed internet access.
Network Monitoring and Defense
Centralize security event alerting across enterprise assets for log correlation and analysis. Best practice implementation requires the use of a SIEM, which includes vendor-defined event correlation alerts. A log analytics platform configured with security-relevant correlation alerts also satisfies this Safeguard.
Network Monitoring and Defense
Tune security event alerting thresholds monthly, or more frequently.
Network Monitoring and Defense
Deploy a host-based intrusion detection solution on enterprise assets, where appropriate and/or supported.
Network Monitoring and Defense
Deploy a network intrusion detection solution on enterprise assets, where appropriate. Example implementations include the use of a Network Intrusion Detection System (NIDS) or equivalent cloud service provider (CSP) service.
Network Monitoring and Defense
Perform traffic filtering between network segments, where appropriate.
