CMMC Practice SC.5.230

Enforce port and protocol compliance.

Source

CMMC Version 1.02, pg. 274

Bold Coast Security Guidance

You can enforce protocol compliance using newer firewalls, or by a properly configured IDS/IPS. Include a policy statement that indicates the organizations requirement to enforce port and protocol compliance. Your plan should outline the tools used to enforce protocol compliance, and who is responsible for managing it. To measure the effectiveness of your protocol blocking, be sure to include protocol testing in your regular penetration tests or red-team exercises.

Discussion From Source

CMMC Malicious actors are able to perform command and control and exfiltration of data by running their own protocols over well-known ports or by hijacking fields within a common protocol. By defining allowed ports and protocols, and only allowing proper protocol syntax on the correct authorized ports, the malicious activity is stopped.

References