SI-4(11)
Analyze Communications Traffic Anomalies
System and Information Integrity (SI)
Baselines
Low · Not included
Moderate · Not included
High · Not included
Description
Analyze outbound communications traffic at the external interfaces to the system and selected [assignment] to discover anomalies.
Discussion
Organization-defined interior points include subnetworks and subsystems. Anomalies within organizational systems include large file transfers, long-time persistent connections, attempts to access information from unexpected locations, the use of unusual protocols and ports, the use of unmonitored network protocols (e.g., IPv6 usage during IPv4 transition), and attempted communications with suspected malicious external addresses.
Implementation guidance
No content available.
CSF 2.0 crosswalk
No CSF mappings exist for this control.