NIST 800-171 3.13 - System and Communications Protection

The National Institute of Standards and Technology (NIST) Special Publication 800-171 Audit reports provide documentation and compliance artifacts that help you demonstrate compliance with the requirements outlined by NIST 800-171.

The NIST 800-171 3.13 - System and Communications Protection report provides links to network IDS, vulnerability scan, and web application protection features in the Alert Logic console that help demonstrate compliance with NIST 800-171 Basic Security Requirement 3.13.1 and Derived Security Requirement 3.13.6.

To access the NIST 800-171 3.13 - System and Communications Protection report:

  1. In the Alert Logic console, click the menu icon (), and then click Validate.
  2. Click Reports, and then click Compliance.
  3. Under NIST 800 171 Audit, click VIEW.
  4. Click NIST 800-171 3.13 - System and Communications Protection.

The report summary page displays two columns. Basic Security Requirements and Derived Security Requirements list specific requirements from the NIST 800-171 family for protecting Controlled Unclassified Information (CUI) in nonfederal systems and organizations. Available Documentation and Artifacts describes and contains links to the documentation and compliance artifacts that this report can generate to meet each requirement.

Filter the report

To refine your findings, you can filter your report by date range and customer account.

Filter the report using drop-down menus

By default, Alert Logic includes (All) values for most filters in the report.

To add or remove filter values:

  1. Click the drop-down menu in the filter, and then select or clear values.
  2. Click Apply.

Schedule the report

After you finish setting up the report, you can use CREATE REPORT to run it periodically and subscribe users or an integration (such as a webhook) to receive a notification when the report is generated. To learn how to schedule the report and subscribe notification recipients, see Scheduled Reports and Notifications.

Basic Security Requirement 3.13.1

Basic Security Requirement 3.13.1 requires organizations to monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems.

This section provides links to the following pages for quick access to appropriate features in the Alert Logic console that help demonstrate compliance with the requirement:

  • Health page—From this page, you can view the networks monitored by Network IDS. The page is filtered to display a list of healthy networks in your deployments. You can also view your unhealthy networks. For more information, see Health.

  • Deployments page—Network IDS coverage for each deployment can be viewed in the Scope of Protection topology diagram, located in the Deployments page. Select a deployment, and then click Scope of Protection to view the topology diagram. For more information, see Change Protection Level of an Asset.

    From the Deployments page, you can also access vulnerability scan schedules. Select a deployment, and then click Scan Schedules to review the vulnerability scan schedules. For more information, see Manage Vulnerability Scan Schedules.

  • PCI Scanning page—From this page, you can access the PCI scanning feature to review the latest 25 external vulnerability scan reports for the most recent 12-month period. For more information, see Get Started with Alert Logic PCI Scans.
  • WAF page—From this page, you can view a list of your protected websites. You can use the information to demonstrate the WAF is configured to detect and protect your public-facing web applications. For more information, see Configure Alert Logic Managed Web Application Firewall (WAF).

Derived Security Requirement 3.13.6

Derived Security Requirement 3.13.6 requires your organization to deny network communications traffic by default and allow network communications traffic by exception (i.e., deny all, permit by exception).

This section provides links to the WAF page in the Alert Logic console, where you can view a list of your protected websites. You can use the information to demonstrate the WAF is configured to detect and protect your public-facing web applications. For more information, see Configure Alert Logic Managed Web Application Firewall (WAF).