1.8: Utilize Client Certificates to Authenticate Hardware Assets
Use client certificates to authenticate hardware assets connecting to the organization’s trusted network.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
Devices |
Protect |
3 |
Dependencies
Sub-control 1.4: Maintain Detailed Asset Inventory
Sub-control 1.5: Maintain Asset Inventory Information
Inputs
The list of endpoints
Operations
Enumerate hardware devices (physical and virtual) from the endpoint inventory
For each hardware device, examine device client authentication certificate configuration noting appropriate and inappropriate configurations
Measures
M1 = List of hardware devices (operation 1)
M2 = List of appropriately configured hardware devices (operation 2)
M3 = List of inappropriately configured hardware devices (operation 2)
M4 = Count of hardware devices (count of M1)
M5 = Count of appropriately configured hardware devices (count of M2)
M6 = Count of inappropriately configured hardware devices (count of M3)
Metrics
Coverage
Metric |
The ratio of appropriately configured hardware devices to the number of hardware devices
|
Calculation |
|