CMMC Practice Requirement:

Use encrypted sessions for the management of network devices.

CMMC Requirement Explanation:

Telnet allows you to remotely connect to a device on your network. Unfortunately, Telnet transmits user names and passwords unencrypted. SSH offers the same functionality but is encrypted.

Example CMMC Implementation:

Do not use telnet to access your devices over the network, use SSH instead.


- Scenario 1:

Alice used to connect to a switch on her network using Telnet. Because it is unencrypted and her company needs to meet CMMC requirements she close the port for Telnet and only uses SSH going forward.

Discover Our NIST SP 800-171 Solutions:


Compliance Accelerator

For contractors seeking compliance

Quantum Assessor

For IT service providers

Supply Chain Verifier

For contractors seeking to verify partner compliance