SI-04(10) Visibility of Encrypted Communications
Make provisions so that si-04.10_odp.01 is visible to si-04.10_odp.02.
| Parameter ID | Definition |
|---|---|
| si-04.10_odp.01 | encrypted communications traffic |
| si-04.10_odp.02 | system monitoring tools and mechanisms |
Baselines
- L
- M
- H
- P
Guidance
Organizations balance the need to encrypt communications traffic to protect data confidentiality with the need to maintain visibility into such traffic from a monitoring perspective. Organizations determine whether the visibility requirement applies to internal encrypted traffic, encrypted traffic intended for external destinations, or a subset of the traffic types.