CMMC 1.0 Practice AC.2.015 Requirement:
Route remote access via managed access control points.
CMMC 1.0 AC.2.015 Requirement Explanation:
By limiting the number of access points for remote connections you can reduce your company's attack surface.
Example CMMC 1.0 AC.2.015 Implementation:
Route all your VPN connections through a single point (e.g. your external firewall). This allows you to better monitor VPN connections. This generally applies when you have VPN connections coming in from multiple offices.
CMMC 1.0 AC.2.015 Scenario(s):
- Scenario 1:
Alice is a system administrator who manages the IT systems at her company's headquarters and two overseas offices. Each office has its own VPN setup to allow access to the resources on their networks. To better monitor VPN connections, Alice routes all VPN connections through the intrusion detection system at her company's headquarters.
Quick & Simple
Discover Our Cybersecurity Compliance Solutions:
Whether you need to meet and maintain your compliance requirements, help your clients meet them, or verify supplier compliance we have the expertise and solution for you
NIST SP 800-171 & CMMC Compliance
Become compliant, provide compliance services, or verify partner compliance with NIST SP 800-171 and CMMC requirements.
HIPAA Compliance
Become compliant, provide compliance services, or verify partner compliance with HIPAA security rule requirements.
FAR 52.204-21 Compliance
Become compliant, provide compliance services, or verify partner compliance with FAR 52.204-21 Basic Safeguarding of Covered Contractor Information Systems requirements.
ISO 27001 Compliance
Become compliant, provide compliance services, or verify partner compliance with ISO 27001 requirements.