NIST 800-53 Rev. 5

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
PT
RA
SA
SC
SI
SR
SI-1
SI-2
SI-13(2)
SI-2(2)
SI-2(3)
SI-2(4)
SI-2(5)
SI-2(6)
SI-3
SI-2(1)
SI-3(1)
SI-3(2)
SI-3(4)
SI-3(3)
SI-3(6)
SI-3(5)
SI-3(8)
SI-3(7)
SI-3(10)
SI-4
SI-4(1)
SI-4(2)
SI-4(3)
SI-4(4)
SI-4(5)
SI-3(9)
SI-4(7)
SI-4(6)
SI-4(9)
SI-4(10)
SI-4(11)
SI-4(12)
SI-4(13)
SI-4(14)
SI-4(15)
SI-4(16)
SI-4(17)
SI-4(18)
SI-4(19)
SI-4(20)
SI-4(21)
SI-4(22)
SI-4(23)
SI-4(24)
SI-4(25)
SI-5
SI-5(1)
SI-6
SI-4(8)
SI-6(2)
SI-6(3)
SI-7
SI-7(1)
SI-7(2)
SI-7(3)
SI-6(1)
SI-7(5)
SI-7(6)
SI-7(7)
SI-7(8)
SI-7(9)
SI-7(10)
SI-7(11)
SI-7(12)
SI-7(13)
SI-7(14)
SI-7(15)
SI-7(16)
SI-7(17)
SI-8
SI-7(4)
SI-8(2)
SI-8(3)
SI-8(1)
SI-10
SI-10(1)
SI-10(2)
SI-10(3)
SI-10(4)
SI-10(5)
SI-10(6)
SI-11
SI-12
SI-12(1)
SI-12(2)
SI-12(3)
SI-13
SI-13(1)
SI-9
SI-13(3)
SI-13(4)
SI-13(5)
SI-14
SI-14(1)
SI-14(2)
SI-14(3)
SI-15
SI-16
SI-17
SI-18
SI-18(1)
SI-18(2)
SI-18(3)
SI-18(4)
SI-18(5)
SI-19
SI-19(1)
SI-19(2)
SI-19(3)
SI-19(4)
SI-19(5)
SI-19(6)
SI-19(7)
SI-19(8)
SI-20
SI-21
SI-22
SI-23

SI-4(10): System Monitoring | Visibility of Encrypted Communications

Control Text:

Make provisions so that [Assignment: organization-defined encrypted communications traffic] is visible to [Assignment: organization-defined system monitoring tools and mechanisms].

Organizations balance the need to encrypt communications traffic to protect data confidentiality with the need to maintain visibility into such traffic from a monitoring perspective. Organizations determine whether the visibility requirement applies to internal encrypted traffic, encrypted traffic intended for external destinations, or a subset of the traffic types.

Related Controls

  • None