NIST SP 800-171 & CMMC 2.0 Control 3.13.9 Requirement:

Terminate network connections associated with communications sessions at the end of the sessions or after a defined period of inactivity.

NIST SP 800-171 & CMMC 2.0 3.13.9 Requirement Explanation:

Prevent malicious actors from taking advantage of an open network session or an unattended computer at the end of the connection. Balance user work patterns and needs against security to determine the length of inactivity that will force a termination.

Example NIST SP 800-171 & CMMC 2.0 3.13.9 Implementation:

Establish a policy specifying the period of inactivity before a network connection is terminated. This can be implemented on your firewall by setting the idle time out settings (e.g., in seconds: UDP = 5, TCP = 1800, ICMP = 5, Other = 180). You should set a timeout for remote VPN connections (e.g, timeout after 60 minutes of inactivity).

NIST SP 800-171 & CMMC 2.0 3.13.9 Scenario(s):

- Scenario 1:

You have a VPN appliance allowing users to connect to your network. You configure the idle time out on the VPN to meet your policy which is 60 minutes.

Discover Our NIST SP 800-171 & CMMC 2.0 Solutions:


Compliance Accelerator

Power through compliance. Meet and maintain your NIST SP 800-171 & CMMC 2.0 compliance requirements.

Quantum Assessor

Transform your business. Create new revenue streams and provide scalability for your NIST SP 800-171 and CMMC 2.0 services.

Supply Chain Verifier

Trust is everything. Verify, monitor, and support subcontactor compliance.