Related
Recommended

Complying With the Cybersecurity Maturity Model Certification (CMMC) – Level 2

manjakuchel
16 minute read time

CMMC maps out five levels of maturity ranging from Basic Cyber Hygiene (Level 1) to Advanced/Progressive (Level 5). Level 2 of CMMC looks at two factors: processes being documented and an intermediated level of cyberhygiene as progression of Level 1.

Source: https://www.acq.osd.mil/cmmc/docs/CMMC_ModelMain_V1.02_20200318.pdf

How SolarWinds can help you on your path to CMMC compliance

For information on CMMC Maturity Level 1, please click here.

CMMC specifies hundreds of controls and practices within the five levels based on 17 domains across the different levels.

We will now delve further into Level 2 categories and discuss the basic and derived security requirements where SolarWinds® products can help. As we proceed through each control, we differentiate between products that meet the particular process control and products that partially support or may meet process control depending on product configuration, setup of supporting processes, adherence to best practices, proper usage of tooling, and training of individual contributors. We will only refer to domains and capabilities where SolarWinds products meet process or support to do so.

Maturity Level 2

Process Maturity (ML)

MC01 Improve [DOMAIN Name] activities
ML.2.999
Establish a policy that includes [DOMAIN Name].


The following SolarWinds products meet ML.2.999 process protocol:

  • Access Rights Manager
  • Patch Manager
  • Network Configuration Manager
  • IP Address Manager
  • Network Automation Manager

The following SolarWinds products support and may meet ML.2.999 protocol:

  • Dameware Remote Support®
  • N-able Remote Monitoring & Management
  • Network Performance Monitor

 

MC01 Improve [DOMAIN Name] activities
ML.2.998

Document the CMMC practices to implement the [DOMAIN Name] policy.

The following SolarWinds products meet ML.2.998 process protocol:

  • Access Rights Manager
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • IP Address Manager
  • Network Automation Manager

The following SolarWinds products support and may meet ML.2.998 protocol:

  • Dameware Remote Support
  • Network Performance Monitor

Access Control (AC)

 

C001 Establish system access requirements

AC.2.005

Provide privacy and security notices consistent with applicable CUI rules.

The following SolarWinds products meet AC.2.005 process protocol:

  • Access Rights Manager
  • N-able Remote Monitoring & Management
  • Network Automation Manager
  • Server Configuration Monitor

The following SolarWinds products support and may meet AC.2.005 protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U®
  • Patch Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager

 

AC.2.006

Limit use of portable storage devices on external systems

The following SolarWinds products meet AC.2.006 process protocol:

  • N-able Remote Monitoring & Management
  • Server Configuration Monitor

The following SolarWinds products support and may meet AC.2.006 protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Patch Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server & Application Monitor

 

C002 Control internal system access

AC.2.007

Employ the principle of least privilege, including for specific security functions and privileged accounts.

The following SolarWinds products meet AC.2.007 process protocol:

  • Access Rights Manager
  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet AC.2.007 protocol:

  • AppOpticsTm
  • Dameware Remote Support
  • Patch Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

 

AC.2.008

Use non-privileged accounts or roles when accessing non-security functions.

The following SolarWinds products meet AC.2.008 process protocol:

  • Access Rights Manager
  • Security Event Manager
  • Dameware Remote Support
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

The following SolarWinds products support and may meet AC.2.008 protocol:

  • AppOptics

 

AC.2.009

Limit unsuccessful logon attempts.

The following SolarWinds products meet AC.2.009 process protocol:

  • Security Event Manager
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

The following SolarWinds products support and may meet AC.2.009 protocol:

  • AppOptics

 

AC.2.010

Use session lock with pattern-hiding displays to prevent access and viewing of data after a period of inactivity.

The following SolarWinds products meet AC.2.010 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

The following SolarWinds products support and may meet AC.2.010 protocol:

  • Access Rights Manager

 

AC.2.011

Authorize wireless access prior to allowing such connections.

The following SolarWinds products meet AC.2.011 process protocol:

  • User Device Tracker
  • Network Automation Manager

C003 Control remote system access

AC.2.013

Monitor and control remote access sessions. 

The following SolarWinds products meet AC.2.013 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Patch Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server & Application Monitor
  • Virtualization Manager

The following SolarWinds products support and may meet AC.2.013 protocol:

  • Loggly®
  • Security Event Manager
  • N-able Remote Monitoring & Management
  • Log Analyzer

 

AC.2.015

Route remote access via managed access control points.

 The following SolarWinds products meet AC.2.015 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

The following SolarWinds products support and may meet AC.2.015 protocol:

  • AppOptics

 

C004 Limit data access to authorized users and processes

AC.2.016

Control the flow of CUI in accordance with approved authorizations.

The following SolarWinds products meet AC.2.016 process protocol:

  • Dameware Remote Support
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

 

Audit & Accountability (AU)

C007 Define audit requirements

AU.2.041

Ensure the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions.

The following SolarWinds products meet AU.2.041 process protocol:

  • Loggly
  • Access Rights Manager
  • Security Event Manager
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet AU.2.041 protocol:

  • AppOptics
  • Pingdom®
  • PapertrailTm
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

 

C008 Perform auditing

AU.2.042

Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.

The following SolarWinds products meet AU.2.041 process protocol:

  • Loggly
  • Papertrail
  • Access Rights Manager
  • Security Event Manager
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet AU.2.042 protocol:

  • AppOptics
  • Pingdom
  • Patch Manager
  • Backup
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

 

C008 Perform auditing

AU.2.043

Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.

The following SolarWinds products meet AU.2.043 process protocol:

  • Access Rights Manager
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet AU.2.043 protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Security Event Manager
  • Patch Manager
  • Backup
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

 

C010 Review and manage audit logs

AU.2.044

Review audit logs.

The following SolarWinds products meet AU.2.044 process protocol:

  • Loggly
  • Papertrail
  • Access Rights Manager
  • N-able Remote Monitoring & Management
  • Network Automation Manager
  • Log Analyzer

The following SolarWinds products support and may meet AU.2.044 protocol:

  • AppOptics
  • Pingdom
  • Security Event Manager
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Patch Manager
  • Backup
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

 

Configuration Management (CM)

C013 Establish configuration baselines

CM.2.061

Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.

The following SolarWinds products meet CM.2.061 process protocol:

  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • Network Automation Manager
  • Server Configuration Monitor

 

C013 Establish configuration baselines

CM.2.062

Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities.

The following SolarWinds products meet CM.2.062 process protocol:

  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • Network Automation Manager

C013 Establish configuration baselines

CM.2.063

Control and monitor user-installed software.

The following SolarWinds products meet CM.2.063 process protocol:

  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • Network Automation Manager
  • Server Configuration Monitor

The following SolarWinds products support and may meet CM.2.063 protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Network Performance Monitor
  • Sever & Application Monitor
  • Virtualization Manager
  • Service Desk

C014 Perform configuration and change management
CM.2.064
Establish and enforce security configuration settings for information technology products employed in organizational systems.

The following SolarWinds products meet CM.2.064 process protocol:

  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • Network Automation Manager

The following SolarWinds products support and may meet CM.2.064 protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Access Rights Manager
  • Security Event Manager
  • Log Analyzer
  • Web Performance Monitor

C014 Perform configuration and change management
CM.2.065
Track, review, approve, or disapprove, and log changes to organizational systems.

The following SolarWinds products meet CM.2.065 process protocol:

  • Service Desk

The following SolarWinds products Following SolarWinds support and may meet CM.2.065 process protocol:

  • AppOptics
  • Loggly
  • Security Event Manager
  • Log Analyzer
  • Network Configuration Manager
  • Network Automation Manager
  • Server Configuration Monitor

 

C014 Perform configuration and change management
CM.2.066
Analyze the security impact of changes prior to implementation.

The following SolarWinds products support and may meet CM.2.066 process protocol:

  • AppOptics
  • N-able Remote Monitoring & Management
  • Service Desk

ID & Authorization (IA)

C015 Grant access to authenticated entities
IA.2.078
Enforce a minimum password complexity and change of characters when new passwords are created.

The following SolarWinds products meet IA.2.078 process protocol:

  • Access Rights Manager
  • N-able Remote Monitoring & Management
  • Service Desk

The following SolarWinds products support and may meet IA.2.078 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Dameware Remote Support
  • Patch Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor


IA.2.079
Prohibit password reuse for a specified number of generations.

The following SolarWinds products meet IA.2.079 process protocol:

  • Access Rights Manager

The following SolarWinds products support and may meet IA.2.079 process protocol:

  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

 

IA.2.080
Allow temporary password use for system logons with an immediate change to a permanent password.

The following SolarWinds products meet IA.2.080 process protocol:

  • Access Rights Manager

The following SolarWinds products support and may meet IA.2.080 process protocol:

  • N-able Remote Monitoring & Management

 

IA.2.081
Store and transmit only cryptographically protected passwords.

The following SolarWinds products meet IA.2.081 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Access Rights Manager
  • Security Event Manager
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • Patch Manager
  • Backup
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

Incident Response (IR)

C016 Plan incident response
IR.2.092
Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities.

The following SolarWinds products meet IR.2.092 process protocol:

  • Service Desk

The following SolarWinds products support and may meet IR.2.092 process protocol:

  • AppOptics
  • Loggly
  • Security Event Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

 

C017 Detect and report events
IR.2.093
Detect and report events.

The following SolarWinds products support and may meet IR.2.093 process protocol:

  • AppOptics
  • Security Event Manager
  • Dameware Remote Support
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor
  • Service Desk

 

IR.2.094
Analyze and triage events to support event resolution and incident declaration.

The following SolarWinds products meet IR.2.094 process protocol:

  • Service Desk

The following SolarWinds products support and may meet IR.2.094 process protocol:

  • AppOptics
  • Security Event Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • User Device Tracker
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server & Application Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

 

C018 Develop and implement a response to a declared incident
IR.2.096
Develop and implement responses to declared incidents according to pre-defined procedures.

The following SolarWinds products support and may meet IR.2.096 process protocol:

  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor
  • Service Desk

 

C019 Perform post incident reviews
IR.2.097
Perform root cause analysis on incidents to determine underlying causes.

The following SolarWinds products meet IR.2.097 process protocol:

  • Service Desk

The following SolarWinds products support and may meet IR.2.097 process protocol:

  • AppOptics
  • Loggly
  • Security Event Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

Maintenance (MA)

C021 Manage maintenance
MA.2.111
Perform maintenance on organizational systems.

The following SolarWinds products meet MA.2.111 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet MA.2.111 process protocol:

  • AppOptics
  • Serv-U
  • Patch Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor
  • Service Desk

 

MA.2.112
Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance.

The following SolarWinds products meet MA.2.112 process protocol:

  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet MA.2.112 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Access Rights Manager
  • Patch Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor
  • Service Desk

 

MA.2.113
Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete.

The following SolarWinds products meet MA.2.113 process protocol:

  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet MA.2.113 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Patch Manager
  • Service Desk

 

MA.2.114
Supervise the maintenance activities of personnel without required access authorization.

The following SolarWinds products meet MA.2.114 process protocol:

  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet MA.2.114 process protocol:

  • Patch Manager

 

Media Protection (MP)

C023 Protect and control media

MP.2.120
Limit access to CUI on system media to authorized users.

The following SolarWinds products meet MP.2.120 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U

The following SolarWinds products support and may meet MP.2.120 process protocol:

  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager

 

MP.2.121
Control the use of removable media on system components.

The following SolarWinds products support and may meet MP.2.121 process protocol:

  • Security Event Manager
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • N-able Remote Monitoring & Management
  • Network Automation Manager
  • Server & Application Monitor
  • Server Configuration Monitor

Personnel Security (PS)

C026 Screen personnel
PS.2.127
Screen individuals prior to authorizing access to organizational systems containing CUI.

The following SolarWinds products support and may meet PS.2.127 process protocol:

  • N-able Remote Monitoring & Management

 

C027 Protect CUI during personnel actions
PS.2.128
Ensure organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers.

The following SolarWinds products meet PS.2.128 process protocol:

  • Access Rights Manager

The following SolarWinds products support and may meet PS.2.128 process protocol:

  • AppOptics
  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • Network Automation Manager

Physical Protection (PE)

C028 Limit physical access

PE.2.135
Protect and monitor the physical facility and support infrastructure for organizational systems.

The following SolarWinds products support and may meet PE.2.135 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Dameware Remote Support
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server & Application Monitor
  • Log Analyzer

Recovery (RE)

C029 Manage backups
RE.2.137
Regularly perform and test data backups.

The following SolarWinds products meet RE.2.137 process protocol:

  • Backup
  • N-able Remote Monitoring & Management

The following SolarWinds products support and may meet RE.2.137 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U


RE.2.138
Protect the confidentiality of backup CUI at storage locations.

The following SolarWinds products meet RE.2.138 process protocol:

  • Backup
  • N-able Remote Monitoring & Management
  • Network Automation Manager
  • Server Configuration Monitor

The following SolarWinds products support and may meet RE.2.138 process protocol:

  • Loggly
  • Security Event Manager
  • Log Analyzer

Risk Management (RM)

C031 Identify and evaluate risk
RM.2.141
Periodically assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals, resulting from the operation of organizational systems and the associated processing, storage, or transmission of CUI.

The following SolarWinds products meet RM.2.141 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Access Rights Manager
  • Security Event Manager
  • Patch Manager
  • Backup
  • Service Desk

The following SolarWinds products support and may meet RM.2.141 process protocol:

  • Papertrail
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server & Application Monitor
  • Log Analyzer
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

RM.2.142
Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified. 

The following SolarWinds products support and may meet RM.2.142 process protocol:

  • AppOptics
  • Security Event Manager
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • User Device Tracker
  • Network Automation Manager
  • Server & Application Monitor

 

C032 Manage risk
RM.2.143
Remediate vulnerabilities in accordance with risk assessments.

The following SolarWinds products meet RM.2.143 process protocol:

  • AppOptics
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Automation Manager
  • Server & Application Monitor

The following SolarWinds products support and may meet RM.2.143 process protocol:

  • Network Configuration Manager
  • User Device Tracker

 

Security Assessment (CA)

C034 Develop and manage a system security plan
CA.2.157
Develop, document, and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems.

The following SolarWinds products support and may meet CA.2.157 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Access Rights Manager
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Server & Application Monitor
  • Log Analyzer
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor
  • Service Desk

 

C035 Define and manage controls
CA.2.158
Periodically assess the security controls in organizational systems to determine if the controls are effective in their application. 

The following SolarWinds products meet CA.2.158 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Network Configuration Manager
  • Network Automation Manager
  • Log Analyzer
  • Server Configuration Monitor

The following SolarWinds products support and may meet CA.2.158 process protocol:

  • Papertrail
  • Access Rights Manager
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Server & Application Manager
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor
  • Service Desk

 

CA.2.159
Develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems.

The following SolarWinds products meet CA.2.159 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Network Configuration Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Manager
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Virtualization Manager
  • Web Performance Monitor

The following SolarWinds products support and may meet CA.2.159 process protocol:

  • Access Rights Manager
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • VoIP & Network Quality Manager
  • Service Desk

 

System and Communications Protection (SC)

 

C038 Define security requirements for systems and communications

SC.2.178
Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device.

The following SolarWinds products meet SC.2.178 process protocol:

  • N-able Remote Monitoring & Management
  • Network Configuration Manager
  • User Device Tracker
  • Network Automation Manager

The following SolarWinds products support and may meet SC.2.178 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Service Desk

SC.2.179
Use encrypted sessions for the management of network devices.

The following SolarWinds products meet SC.2.179 process protocol:

  • Dameware Remote Support
  • Dameware Remote Everywhere
  • N-able Take Control
  • Serv-U
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • Network Configuration Manager
  • User Device Tracker
  • Network Automation Manager

The following SolarWinds products support and may meet SC.2.179 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Access Rights Manager
  • NetFlow Traffic Analyzer
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Server & Application Manager
  • Server Configuration Monitor

 

System & Info. Integrity (SI)

C040 Identify and manage information system flaws

SI.2.214
Monitor system security alerts and advisories and take action in response.

The following SolarWinds products meet SI.2.214 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Access Rights Manager
  • Security Event Manager
  • Patch Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Web Performance Monitor
  • Virtualization Manager

The following SolarWinds products support and may meet SI.2.214  process protocol:

  • Service Desk

 

C042 Perform network and system monitoring

SI.2.216
Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.

The following SolarWinds products meet SI.2.216 process protocol:

  • Security Event Manager
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Web Performance Monitor
  • Virtualization Manager

The following SolarWinds products support and may meet SI.2.216  process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • N-able Remote Monitoring & Management

 

SI.2.217
Identify unauthorized use of organizational systems.

The following SolarWinds products meet SI.2.217 process protocol:

  • AppOptics
  • Loggly
  • Pingdom
  • Papertrail
  • Security Event Manager
  • N-able Remote Monitoring & Management
  • Network Performance Monitor
  • NetFlow Traffic Analyzer
  • Network Configuration Manager
  • User Device Tracker
  • IP Address Manager
  • VoIP & Network Quality Manager
  • Network Automation Manager
  • Log Analyzer
  • Server & Application Monitor
  • Server Configuration Monitor
  • Storage Resource Monitor
  • Web Performance Monitor
  • Virtualization Manager

The following SolarWinds products support and may meet SI.2.217 process protocol:

  • Access Rights Manager

 

Below are links to the products mentioned listed by category:

Network Monitoring and Management

Systems Monitoring and Management

Database Performance Monitoring

IT Security

IT Service Management

Application Performance Management

Managed Service Providers

Parents

  • The Cybersecurity Maturity Model Certification (CMMC) is a security framework by the US Department of Defense (DoD) to assess its contractors and subcontractors' security, capability, and resilience. This framework aims to eliminate vulnerabilities in the supply chain and improve security practices.

Comment

  • The Cybersecurity Maturity Model Certification (CMMC) is a security framework by the US Department of Defense (DoD) to assess its contractors and subcontractors' security, capability, and resilience. This framework aims to eliminate vulnerabilities in the supply chain and improve security practices.

Children
No Data
Thwack - Symbolize TM, R, and C

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.