CMMC Practice SC.5.230
Enforce port and protocol compliance.
Bold Coast Security Guidance
You can enforce protocol compliance using newer firewalls, or by a properly configured IDS/IPS. Include a policy statement that indicates the organizations requirement to enforce port and protocol compliance. Your plan should outline the tools used to enforce protocol compliance, and who is responsible for managing it. To measure the effectiveness of your protocol blocking, be sure to include protocol testing in your regular penetration tests or red-team exercises.
Malicious actors are able to perform command and control and exfiltration of data by running their own protocols over well-known ports or by hijacking fields within a common protocol. By defining allowed ports and protocols, and only allowing proper protocol syntax on the correct authorized ports, the malicious activity is stopped.