CMMC Practice Requirement:

Monitor organizational systems, including inbound and outbound communications traffic, to detect attacks and indicators of potential attacks.

CMMC Requirement Explanation:

Intrusion detection systems are designed to identify common cyber attacks. Many modern firewall appliances come with built in intrusion detection capabilities. There are also open source solutions the most famous being Snort.

Example CMMC Implementation:

Place an intrusion detection system between your local network and the internet. Configure it to detect attacks and potential attacks.


- Scenario 1:

You want to monitor traffic coming in and out of your network for cyber attacks. To accomplish this you setup a Snort intrusion detection systems on a Linux server and route your network traffic so that Snort can monitor it.

Discover Our NIST SP 800-171 Solutions:


Compliance Accelerator

For contractors seeking compliance

Quantum Assessor

For IT service providers

Supply Chain Verifier

For contractors seeking to verify partner compliance