Complying With the Cybersecurity Maturity Model Certification (CMMC) – Level 2
CMMC maps out five levels of maturity ranging from Basic Cyber Hygiene (Level 1) to Advanced/Progressive (Level 5). Level 2 of CMMC looks at two factors: processes being documented and an intermediated level of cyberhygiene as progression of Level 1.
Source: https://www.acq.osd.mil/cmmc/docs/CMMC_ModelMain_V1.02_20200318.pdf
How SolarWinds can help you on your path to CMMC compliance
For information on CMMC Maturity Level 1, please click here.
CMMC specifies hundreds of controls and practices within the five levels based on 17 domains across the different levels.
We will now delve further into Level 2 categories and discuss the basic and derived security requirements where SolarWinds® products can help. As we proceed through each control, we differentiate between products that meet the particular process control and products that partially support or may meet process control depending on product configuration, setup of supporting processes, adherence to best practices, proper usage of tooling, and training of individual contributors. We will only refer to domains and capabilities where SolarWinds products meet process or support to do so.
Maturity Level 2
Process Maturity (ML)
MC01 Improve [DOMAIN Name] activities
ML.2.999
Establish a policy that includes [DOMAIN Name].
The following SolarWinds products meet ML.2.999 process protocol:
- Access Rights Manager
- Patch Manager
- Network Configuration Manager
- IP Address Manager
- Network Automation Manager
The following SolarWinds products support and may meet ML.2.999 protocol:
- Dameware Remote Support®
- N-able Remote Monitoring & Management
- Network Performance Monitor
MC01 Improve [DOMAIN Name] activities
ML.2.998
Document the CMMC practices to implement the [DOMAIN Name] policy.
The following SolarWinds products meet ML.2.998 process protocol:
- Access Rights Manager
- Patch Manager
- N-able Remote Monitoring & Management
- Network Configuration Manager
- IP Address Manager
- Network Automation Manager
The following SolarWinds products support and may meet ML.2.998 protocol:
- Dameware Remote Support
- Network Performance Monitor
Access Control (AC)
C001 Establish system access requirements
AC.2.005
Provide privacy and security notices consistent with applicable CUI rules.
The following SolarWinds products meet AC.2.005 process protocol:
- Access Rights Manager
- N-able Remote Monitoring & Management
- Network Automation Manager
- Server Configuration Monitor
The following SolarWinds products support and may meet AC.2.005 protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U®
- Patch Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
AC.2.006
Limit use of portable storage devices on external systems
The following SolarWinds products meet AC.2.006 process protocol:
- N-able Remote Monitoring & Management
- Server Configuration Monitor
The following SolarWinds products support and may meet AC.2.006 protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Patch Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Server & Application Monitor
C002 Control internal system access
AC.2.007
Employ the principle of least privilege, including for specific security functions and privileged accounts.
The following SolarWinds products meet AC.2.007 process protocol:
- Access Rights Manager
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet AC.2.007 protocol:
- AppOptics
- Dameware Remote Support
- Patch Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
AC.2.008
Use non-privileged accounts or roles when accessing non-security functions.
The following SolarWinds products meet AC.2.008 process protocol:
- Access Rights Manager
- Security Event Manager
- Dameware Remote Support
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
The following SolarWinds products support and may meet AC.2.008 protocol:
- AppOptics
AC.2.009
Limit unsuccessful logon attempts.
The following SolarWinds products meet AC.2.009 process protocol:
- Security Event Manager
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
The following SolarWinds products support and may meet AC.2.009 protocol:
- AppOptics
AC.2.010
Use session lock with pattern-hiding displays to prevent access and viewing of data after a period of inactivity.
The following SolarWinds products meet AC.2.010 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
The following SolarWinds products support and may meet AC.2.010 protocol:
- Access Rights Manager
AC.2.011
Authorize wireless access prior to allowing such connections.
The following SolarWinds products meet AC.2.011 process protocol:
- User Device Tracker
- Network Automation Manager
C003 Control remote system access
AC.2.013
Monitor and control remote access sessions.
The following SolarWinds products meet AC.2.013 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Patch Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Server & Application Monitor
- Virtualization Manager
The following SolarWinds products support and may meet AC.2.013 protocol:
- Loggly®
- Security Event Manager
- N-able Remote Monitoring & Management
- Log Analyzer
AC.2.015
Route remote access via managed access control points.
The following SolarWinds products meet AC.2.015 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
The following SolarWinds products support and may meet AC.2.015 protocol:
- AppOptics
C004 Limit data access to authorized users and processes
AC.2.016
Control the flow of CUI in accordance with approved authorizations.
The following SolarWinds products meet AC.2.016 process protocol:
- Dameware Remote Support
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
Audit & Accountability (AU)
C007 Define audit requirements
AU.2.041
Ensure the actions of individual system users can be uniquely traced to those users, so they can be held accountable for their actions.
The following SolarWinds products meet AU.2.041 process protocol:
- Loggly
- Access Rights Manager
- Security Event Manager
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet AU.2.041 protocol:
- AppOptics
- Pingdom®
- Papertrail
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
C008 Perform auditing
AU.2.042
Create and retain system audit logs and records to the extent needed to enable the monitoring, analysis, investigation, and reporting of unlawful or unauthorized system activity.
The following SolarWinds products meet AU.2.041 process protocol:
- Loggly
- Papertrail
- Access Rights Manager
- Security Event Manager
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet AU.2.042 protocol:
- AppOptics
- Pingdom
- Patch Manager
- Backup
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
C008 Perform auditing
AU.2.043
Provide a system capability that compares and synchronizes internal system clocks with an authoritative source to generate time stamps for audit records.
The following SolarWinds products meet AU.2.043 process protocol:
- Access Rights Manager
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet AU.2.043 protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Security Event Manager
- Patch Manager
- Backup
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
C010 Review and manage audit logs
AU.2.044
Review audit logs.
The following SolarWinds products meet AU.2.044 process protocol:
- Loggly
- Papertrail
- Access Rights Manager
- N-able Remote Monitoring & Management
- Network Automation Manager
- Log Analyzer
The following SolarWinds products support and may meet AU.2.044 protocol:
- AppOptics
- Pingdom
- Security Event Manager
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Patch Manager
- Backup
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
Configuration Management (CM)
C013 Establish configuration baselines
CM.2.061
Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles.
The following SolarWinds products meet CM.2.061 process protocol:
- N-able Remote Monitoring & Management
- Network Configuration Manager
- Network Automation Manager
- Server Configuration Monitor
C013 Establish configuration baselines
CM.2.062
Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities.
The following SolarWinds products meet CM.2.062 process protocol:
- N-able Remote Monitoring & Management
- Network Configuration Manager
- Network Automation Manager
C013 Establish configuration baselines
CM.2.063
Control and monitor user-installed software.
The following SolarWinds products meet CM.2.063 process protocol:
- N-able Remote Monitoring & Management
- Network Configuration Manager
- Network Automation Manager
- Server Configuration Monitor
The following SolarWinds products support and may meet CM.2.063 protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Network Performance Monitor
- Sever & Application Monitor
- Virtualization Manager
- Service Desk
C014 Perform configuration and change management
CM.2.064
Establish and enforce security configuration settings for information technology products employed in organizational systems.
The following SolarWinds products meet CM.2.064 process protocol:
- Patch Manager
- N-able Remote Monitoring & Management
- Network Configuration Manager
- Network Automation Manager
The following SolarWinds products support and may meet CM.2.064 protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Access Rights Manager
- Security Event Manager
- Log Analyzer
- Web Performance Monitor
C014 Perform configuration and change management
CM.2.065
Track, review, approve, or disapprove, and log changes to organizational systems.
The following SolarWinds products meet CM.2.065 process protocol:
- Service Desk
The following SolarWinds products Following SolarWinds support and may meet CM.2.065 process protocol:
- AppOptics
- Loggly
- Security Event Manager
- Log Analyzer
- Network Configuration Manager
- Network Automation Manager
- Server Configuration Monitor
C014 Perform configuration and change management
CM.2.066
Analyze the security impact of changes prior to implementation.
The following SolarWinds products support and may meet CM.2.066 process protocol:
- AppOptics
- N-able Remote Monitoring & Management
- Service Desk
ID & Authorization (IA)
C015 Grant access to authenticated entities
IA.2.078
Enforce a minimum password complexity and change of characters when new passwords are created.
The following SolarWinds products meet IA.2.078 process protocol:
- Access Rights Manager
- N-able Remote Monitoring & Management
- Service Desk
The following SolarWinds products support and may meet IA.2.078 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Dameware Remote Support
- Patch Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
IA.2.079
Prohibit password reuse for a specified number of generations.
The following SolarWinds products meet IA.2.079 process protocol:
- Access Rights Manager
The following SolarWinds products support and may meet IA.2.079 process protocol:
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
IA.2.080
Allow temporary password use for system logons with an immediate change to a permanent password.
The following SolarWinds products meet IA.2.080 process protocol:
- Access Rights Manager
The following SolarWinds products support and may meet IA.2.080 process protocol:
- N-able Remote Monitoring & Management
IA.2.081
Store and transmit only cryptographically protected passwords.
The following SolarWinds products meet IA.2.081 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Access Rights Manager
- Security Event Manager
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- Patch Manager
- Backup
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
Incident Response (IR)
C016 Plan incident response
IR.2.092
Establish an operational incident-handling capability for organizational systems that includes preparation, detection, analysis, containment, recovery, and user response activities.
The following SolarWinds products meet IR.2.092 process protocol:
- Service Desk
The following SolarWinds products support and may meet IR.2.092 process protocol:
- AppOptics
- Loggly
- Security Event Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
C017 Detect and report events
IR.2.093
Detect and report events.
The following SolarWinds products support and may meet IR.2.093 process protocol:
- AppOptics
- Security Event Manager
- Dameware Remote Support
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
- Service Desk
IR.2.094
Analyze and triage events to support event resolution and incident declaration.
The following SolarWinds products meet IR.2.094 process protocol:
- Service Desk
The following SolarWinds products support and may meet IR.2.094 process protocol:
- AppOptics
- Security Event Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- User Device Tracker
- VoIP & Network Quality Manager
- Network Automation Manager
- Server & Application Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
C018 Develop and implement a response to a declared incident
IR.2.096
Develop and implement responses to declared incidents according to pre-defined procedures.
The following SolarWinds products support and may meet IR.2.096 process protocol:
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
- Service Desk
C019 Perform post incident reviews
IR.2.097
Perform root cause analysis on incidents to determine underlying causes.
The following SolarWinds products meet IR.2.097 process protocol:
- Service Desk
The following SolarWinds products support and may meet IR.2.097 process protocol:
- AppOptics
- Loggly
- Security Event Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
Maintenance (MA)
C021 Manage maintenance
MA.2.111
Perform maintenance on organizational systems.
The following SolarWinds products meet MA.2.111 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet MA.2.111 process protocol:
- AppOptics
- Serv-U
- Patch Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
- Service Desk
MA.2.112
Provide controls on the tools, techniques, mechanisms, and personnel used to conduct system maintenance.
The following SolarWinds products meet MA.2.112 process protocol:
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet MA.2.112 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Access Rights Manager
- Patch Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
- Service Desk
MA.2.113
Require multifactor authentication to establish nonlocal maintenance sessions via external network connections and terminate such connections when nonlocal maintenance is complete.
The following SolarWinds products meet MA.2.113 process protocol:
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet MA.2.113 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Patch Manager
- Service Desk
MA.2.114
Supervise the maintenance activities of personnel without required access authorization.
The following SolarWinds products meet MA.2.114 process protocol:
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet MA.2.114 process protocol:
- Patch Manager
Media Protection (MP)
C023 Protect and control media
MP.2.120
Limit access to CUI on system media to authorized users.
The following SolarWinds products meet MP.2.120 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
The following SolarWinds products support and may meet MP.2.120 process protocol:
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
MP.2.121
Control the use of removable media on system components.
The following SolarWinds products support and may meet MP.2.121 process protocol:
- Security Event Manager
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- N-able Remote Monitoring & Management
- Network Automation Manager
- Server & Application Monitor
- Server Configuration Monitor
Personnel Security (PS)
C026 Screen personnel
PS.2.127
Screen individuals prior to authorizing access to organizational systems containing CUI.
The following SolarWinds products support and may meet PS.2.127 process protocol:
- N-able Remote Monitoring & Management
C027 Protect CUI during personnel actions
PS.2.128
Ensure organizational systems containing CUI are protected during and after personnel actions such as terminations and transfers.
The following SolarWinds products meet PS.2.128 process protocol:
- Access Rights Manager
The following SolarWinds products support and may meet PS.2.128 process protocol:
- AppOptics
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Patch Manager
- N-able Remote Monitoring & Management
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- Network Automation Manager
Physical Protection (PE)
C028 Limit physical access
PE.2.135
Protect and monitor the physical facility and support infrastructure for organizational systems.
The following SolarWinds products support and may meet PE.2.135 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Dameware Remote Support
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Server & Application Monitor
- Log Analyzer
Recovery (RE)
C029 Manage backups
RE.2.137
Regularly perform and test data backups.
The following SolarWinds products meet RE.2.137 process protocol:
- Backup
- N-able Remote Monitoring & Management
The following SolarWinds products support and may meet RE.2.137 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
RE.2.138
Protect the confidentiality of backup CUI at storage locations.
The following SolarWinds products meet RE.2.138 process protocol:
- Backup
- N-able Remote Monitoring & Management
- Network Automation Manager
- Server Configuration Monitor
The following SolarWinds products support and may meet RE.2.138 process protocol:
- Loggly
- Security Event Manager
- Log Analyzer
Risk Management (RM)
C031 Identify and evaluate risk
RM.2.141
Periodically assess the risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals, resulting from the operation of organizational systems and the associated processing, storage, or transmission of CUI.
The following SolarWinds products meet RM.2.141 process protocol:
- AppOptics
- Loggly
- Pingdom
- Access Rights Manager
- Security Event Manager
- Patch Manager
- Backup
- Service Desk
The following SolarWinds products support and may meet RM.2.141 process protocol:
- Papertrail
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Server & Application Monitor
- Log Analyzer
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
RM.2.142
Scan for vulnerabilities in organizational systems and applications periodically and when new vulnerabilities affecting those systems and applications are identified.
The following SolarWinds products support and may meet RM.2.142 process protocol:
- AppOptics
- Security Event Manager
- Patch Manager
- N-able Remote Monitoring & Management
- Network Configuration Manager
- User Device Tracker
- Network Automation Manager
- Server & Application Monitor
C032 Manage risk
RM.2.143
Remediate vulnerabilities in accordance with risk assessments.
The following SolarWinds products meet RM.2.143 process protocol:
- AppOptics
- Patch Manager
- N-able Remote Monitoring & Management
- Network Automation Manager
- Server & Application Monitor
The following SolarWinds products support and may meet RM.2.143 process protocol:
- Network Configuration Manager
- User Device Tracker
Security Assessment (CA)
C034 Develop and manage a system security plan
CA.2.157
Develop, document, and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems.
The following SolarWinds products support and may meet CA.2.157 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Access Rights Manager
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Server & Application Monitor
- Log Analyzer
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
- Service Desk
C035 Define and manage controls
CA.2.158
Periodically assess the security controls in organizational systems to determine if the controls are effective in their application.
The following SolarWinds products meet CA.2.158 process protocol:
- AppOptics
- Loggly
- Pingdom
- Network Configuration Manager
- Network Automation Manager
- Log Analyzer
- Server Configuration Monitor
The following SolarWinds products support and may meet CA.2.158 process protocol:
- Papertrail
- Access Rights Manager
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Server & Application Manager
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
- Service Desk
CA.2.159
Develop and implement plans of action designed to correct deficiencies and reduce or eliminate vulnerabilities in organizational systems.
The following SolarWinds products meet CA.2.159 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Network Configuration Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Manager
- Server Configuration Monitor
- Storage Resource Monitor
- Virtualization Manager
- Web Performance Monitor
The following SolarWinds products support and may meet CA.2.159 process protocol:
- Access Rights Manager
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- VoIP & Network Quality Manager
- Service Desk
System and Communications Protection (SC)
C038 Define security requirements for systems and communications
SC.2.178
Prohibit remote activation of collaborative computing devices and provide indication of devices in use to users present at the device.
The following SolarWinds products meet SC.2.178 process protocol:
- N-able Remote Monitoring & Management
- Network Configuration Manager
- User Device Tracker
- Network Automation Manager
The following SolarWinds products support and may meet SC.2.178 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Network Performance Monitor
- NetFlow Traffic Analyzer
- IP Address Manager
- VoIP & Network Quality Manager
- Service Desk
SC.2.179
Use encrypted sessions for the management of network devices.
The following SolarWinds products meet SC.2.179 process protocol:
- Dameware Remote Support
- Dameware Remote Everywhere
- N-able Take Control
- Serv-U
- N-able Remote Monitoring & Management
- Network Performance Monitor
- Network Configuration Manager
- User Device Tracker
- Network Automation Manager
The following SolarWinds products support and may meet SC.2.179 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Access Rights Manager
- NetFlow Traffic Analyzer
- IP Address Manager
- VoIP & Network Quality Manager
- Server & Application Manager
- Server Configuration Monitor
System & Info. Integrity (SI)
C040 Identify and manage information system flaws
SI.2.214
Monitor system security alerts and advisories and take action in response.
The following SolarWinds products meet SI.2.214 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Access Rights Manager
- Security Event Manager
- Patch Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Web Performance Monitor
- Virtualization Manager
The following SolarWinds products support and may meet SI.2.214 process protocol:
- Service Desk
C042 Perform network and system monitoring
SI.2.216
Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.
The following SolarWinds products meet SI.2.216 process protocol:
- Security Event Manager
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Web Performance Monitor
- Virtualization Manager
The following SolarWinds products support and may meet SI.2.216 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- N-able Remote Monitoring & Management
SI.2.217
Identify unauthorized use of organizational systems.
The following SolarWinds products meet SI.2.217 process protocol:
- AppOptics
- Loggly
- Pingdom
- Papertrail
- Security Event Manager
- N-able Remote Monitoring & Management
- Network Performance Monitor
- NetFlow Traffic Analyzer
- Network Configuration Manager
- User Device Tracker
- IP Address Manager
- VoIP & Network Quality Manager
- Network Automation Manager
- Log Analyzer
- Server & Application Monitor
- Server Configuration Monitor
- Storage Resource Monitor
- Web Performance Monitor
- Virtualization Manager
The following SolarWinds products support and may meet SI.2.217 process protocol:
- Access Rights Manager
Below are links to the products mentioned listed by category:
- Network Monitoring and Management
- Systems Monitoring and Management
- Database Performance Monitoring