>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

AC-17(1)Remote Access | Monitoring and Control

IL4 Mod
IL4 High
IL5
IL6

>Control Description

Employ automated mechanisms to monitor and control remote access methods.

>DoD Impact Level Requirements

No specific parameter values or requirements for this impact level.

>Discussion

Monitoring and control of remote access methods allows organizations to detect attacks and help ensure compliance with remote access policies by auditing the connection activities of remote users on a variety of system components, including servers, notebook computers, workstations, smart phones, and tablets. Audit logging for remote access is enforced by AU-2. Audit events are defined in AU-2a.

>Programmatic Queries

Beta

Related Services

AWS Client VPN
AWS Systems Manager Session Manager
Amazon CloudWatch

CLI Commands

Describe Client VPN endpoints
aws ec2 describe-client-vpn-endpoints --query 'ClientVpnEndpoints[].{Id:ClientVpnEndpointId,Status:Status.Code,Dns:DnsName}'
List active VPN connections
aws ec2 describe-client-vpn-connections --client-vpn-endpoint-id ENDPOINT_ID --query 'Connections[?Status.Code==`active`]'
Get Session Manager session history
aws ssm describe-sessions --state History --max-results 20
Enable VPN connection logging
aws ec2 modify-client-vpn-endpoint --client-vpn-endpoint-id ENDPOINT_ID --connection-log-options Enabled=true,CloudwatchLogGroup=vpn-logs
Open AWS ConsoleDocumentation

>Related Controls

AU-2
AU-6
AU-12
AU-14

>Assessment Interview Topics

Questions assessors commonly ask

Process & Governance:

  • What formal policies and procedures govern the implementation of AC-17(1) (Monitoring And Control)?
  • Who are the designated roles responsible for implementing, maintaining, and monitoring AC-17(1)?
  • How frequently is the AC-17(1) policy reviewed and updated, and what triggers policy changes?
  • What training or awareness programs ensure personnel understand their responsibilities related to AC-17(1)?

Technical Implementation:

  • Describe the specific technical mechanisms or controls used to enforce AC-17(1) requirements.
  • What automated tools, systems, or technologies are deployed to implement AC-17(1)?
  • How is AC-17(1) integrated into your system architecture and overall security posture?
  • What configuration settings, parameters, or technical specifications enforce AC-17(1) requirements?

Evidence & Documentation:

  • What documentation demonstrates the complete implementation of AC-17(1)?
  • What audit logs, records, reports, or monitoring data validate AC-17(1) compliance?
  • Can you provide evidence of periodic reviews, assessments, or testing of AC-17(1) effectiveness?
  • What artifacts would you present during a FedRAMP assessment to demonstrate AC-17(1) compliance?

Ask AI

Configure your API key to use AI features.