Complying with the Cybersecurity Maturity Model Certification (CMMC) – Level 1

CMMC maps out five levels of maturity ranging from Basic Cyber Hygiene (Level 1) to Advanced/Progressive (Level 5). Any federal contractor or subcontractor handling federal contract information (FCI) or controlled unclassified information (CUI) will be required to meet, at a minimum, the requirements of Level 3 (Good Cyber Hygiene). Examples of CUI include personally identifiable information such as legal material or health documents, technical drawings and blueprints, and intellectual property, as well as many other types of data.

[Figure: CMMC compliance levels]
Source: https://www.acq.osd.mil/cmmc/docs/CMMC_v1.0_Public_Briefing_20200131_v2.pdf

Each level has a unique purpose, as follows:

  • Level 1 – Safeguard Federal contract information
  • Level 2 – Serve as transition step in cybersecurity maturity progression to protect CUI
  • Level 3 – Protect CUI
  • Levels 4-5 – Protect CUI and reduce risk of Advanced Persistent Threats (APTs)

Level 3 requires that contractors fulfill a total of 130 practices and/or controls; Level 5 specifies 171 practices. In addition, CMMC requires an assessment of the contractor’s cybersecurity posture to ensure the company has the tools, processes, and procedures in place for effective compliance. How this will work is still being developed, but it could well be that different contractors only need to reach a certain minimum level in order to work on projects.

Details of the practices, controls, and requirements can be found within the DoD’s original CMMC document released in January.

How SolarWinds can help you on your path to CMMC compliance

CMMC specifies hundreds of controls and practices across the five levels, based on 17 domains.

We will now go through each of these categories and discuss the basic and derived security requirements where SolarWinds® products can help. For each control, we differentiate between products that meet the particular process control and products that partially support or may meet the process control, depending on product configuration, setup of supporting processes, adherence to best practices, proper usage of tooling, and training of individual contributors. We refer only to domains and capabilities where SolarWinds products meet the process control or support meeting it.

Maturity Level 1 

CMMC is based on five levels, with Level 1 being “Basic Cyber Hygiene” where processes are performed at a minimum in an ad-hoc manner. 

Access Control (AC)

 

The domain Access Control (AC) focuses on:

  • Establish system access requirements
  • Control internal system access
  • Control remote system access
  • Limit data access to authorized users and processes

 

C001 Establish system access requirements
AC.1.001

Limit information system access to authorized users, processes acting on behalf of authorized users, or devices (including other information systems).

The following SolarWinds products meet the AC.1.001 process control:

  • Loggly
  • Papertrail
  • Access Rights Manager
  • Security Event Manager
  • Patch Manager
  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Virtualization Manager

The following SolarWinds products support and may meet the AC.1.001 protocol:

  • AppOptics
  • Server Application Monitor

C002 Control internal system access
AC.1.002
Limit information system access to the types of transactions and functions that authorized users are permitted to execute.

 

The following SolarWinds products meet the AC.1.002 process control:

  • Access Rights Manager
  • Patch Manager
  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

The following SolarWinds products support and may meet the AC.1.002 protocol:

  • AppOptics
  • Security Event Manager
  • Server Application Monitor
  • Server Configuration Monitor
  • Virtualization Manager

C004 Limit data access to authorized users and processes
AC.1.003

Verify and control/limit connections to and use of external information systems.

The following SolarWinds products meet the AC.1.003 process control:

  • Access Rights Manager
  • Patch Manager
  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

The following SolarWinds products support and may meet the AC.1.003 protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Security Event Manager
  • Log Analyzer
  • Server Application Monitor
  • Virtualization Manager
  • Web Performance Monitor

AC.1.004

Control information posted or processed on publicly accessible information systems.

The following SolarWinds products meet the AC.1.004 process control:

  • Access Rights Manager
  • Patch Manager
  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Automation Manager

 

The following SolarWinds products support and may meet the AC.1.004 protocol:

  • AppOptics
  • Security Event Manager
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

ID & Authorization (ID)

C015 Grant access to authenticated entities

IA.1.076

Identify information system users, processes acting on behalf of users, or devices.

 

The following SolarWinds products meet the IA.1.076 process control:

  • Access Rights Manager
  • Patch Manager
  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • Network Automation Manager

The following SolarWinds products support and may meet the IA.1.076 protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Security Event Manager
  • Log Analyzer
  • Server Application Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

C015 Grant access to authenticated entities
IA.1.077
Authenticate (or verify) the identities of those users, processes, or devices, as a prerequisite to allowing access to organizational information systems.

The following SolarWinds products meet the IA.1.077 process control:

  • Access Rights Manager
  • Patch Manager
  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management

The following SolarWinds products support and may meet the IA.1.077 protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Security Event Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • Network Automation Manager
  • Log Analyzer
  • Server Application Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

Physical Protection (PE)

C028 Limit physical access
PE.1.133
Maintain audit logs of physical access.

The following SolarWinds products support and may meet the PE.1.133 protocol:

  • Loggly
  • Security Event Manager
  • Network Automation Manager
  • Log Analyzer

 

System and Communications Protection (SC)


C039 Control communications at system boundaries
SC.1.175
Monitor, control, and protect organizational communications (i.e., information transmitted or received by organizational information systems) at the external boundaries and key internal boundaries of the information systems.

The following SolarWinds products meet the SC.1.175 process protocol:

  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management
  • IP Address Manager
  • Network Automation Manager

The following SolarWinds products support and may meet the SC.1.175 protocol:

  • Loggly
  • Security Event Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • Log Analyzer

C039 Control communications at system boundaries

SC.1.176

Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks.

The following SolarWinds products meet the SC.1.176 process protocol:

  • AppOptics
  • Dameware
  • Dameware Remote Everywhere
  • Take Control
  • Serv-U
  • Remote Monitoring & Management
  • IP Address Manager
  • Network Automation Manager

The following SolarWinds products support and may meet the SC.1.176 protocol:

  • Loggly
  • Security Event Manager
  • Network Configuration Manager
  • User Device Tracker
  • Log Analyzer

System & Info. Integrity (SI)

C040 Identify and manage information system flaws
SI.1.210
Identify, report, and correct information and information system flaws in a timely manner.

The following SolarWinds products meet the SI.1.210 process protocol:

  • AppOptics
  • Pingdom
  • Papertrail
  • Access Rights Manager
  • Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • User Device Tracker
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

The following SolarWinds products support and may meet the SI.1.210 protocol:

  • Loggly
  • Security Event Manager
  • Log Analyzer

C041 Identify malicious content
SI.1.211
Provide protection from malicious code at appropriate locations within organizational information systems.

The following SolarWinds products meet the SI.1.211 process protocol:

  • Remote Monitoring & Management
  • User Device Tracker
  • Network Automation Manager
  • Server Configuration Monitor

The following SolarWinds products support and may meet the SI.1.211 protocol:

  • AppOptics
  • Network Configuration Manager

C041 Identify malicious content
SI.1.212
Update malicious code protection mechanisms when new releases are available.

The following SolarWinds products meet the SI.1.212 process protocol:

  • Patch Manager
  • Remote Monitoring & Management

The following SolarWinds products support and may meet the SI.1.212 protocol:

  • AppOptics
  • Network Automation Manager
  • Server Application Monitor

C041 Identify malicious content
SI.1.213
Perform periodic scans of the information system and real-time scans of files from external sources as files are downloaded, opened, or executed.

The following SolarWinds products meet the SI.1.213 process protocol:

  • Patch Manager

The following SolarWinds products support and may meet the SI.1.213 protocol:

  • AppOptics
  • Remote Monitoring & Management
  • Network Automation Manager
  • Server Configuration Monitor
  • Server Application Monitor

Below you will find links to all products mentioned:

- Network Monitoring and Management

- Systems Monitoring and Management

- Database Performance Monitoring

- IT-Security

- IT Service Management

- Application Performance Management

- Managed Service Providers

  • Your question is absolutely legit and we should have captured that in the article. No tool itself is CMMC compliant; instead, tools help customers to become compliant, and with that it highly depends on the setup. As an example, Access Rights Manager allows you to log file server and AD events, but since that is not the default setup and has to be configured, we labeled such features as 'may meet' protocol when set up correctly.
