12.5: Configure Monitoring Systems to Record Network Packets
Configure monitoring systems to record network packets passing through the boundary at each of the organization’s network boundaries.
Asset Type |
Security Function |
Implementation Groups |
|---|---|---|
Network |
Detect |
2, 3 |
Dependencies
Sub-control 2.1: Maintain Inventory of Authorized Software
Sub-control 12.1: Maintain an Inventory of Network Boundaries
Inputs
List of network monitoring systems
List of network boundaries
Operations
- For each network monitoring system:
Retrieve configuration
Check configuration for recording
Enumerate network boundaries covered
Measures
M1 = Count of network monitoring systems (from Input 1)
M2 = List of misconfigured network monitoring systems
M3 = Count of misconfigured network monitoring systems
M4 = Count of network boundaries (from Input 2)
M5 = List of network boundaries covered by network monitoring systems
M6 = Count of network boundaries covered by network monitoring systems
M7 = List of network boundaries not covered by network monitoring systems
M8 = Count of network boundaries not covered by network monitoring systems
Metrics
Monitoring System Configuration
Metric |
Percentage of appropriately configured monitoring systems
|
Calculation |
|
Network Boundary Coverage
Metric |
Percentage of network boundaries not covered by a monitoring system
|
Calculation |
|