IA-3(1)

  • Requirement

    Authenticate [Assignment: organization-defined devices and/or types of devices] before establishing [Selection (one or more): local; remote; network] connection using bidirectional authentication that is cryptographically based.

  • Discussion

    A local connection is a connection with a device that communicates without the use of a network. A network connection is a connection with a device that communicates through a network. A remote connection is a connection with a device that communicates through an external network. Bidirectional authentication provides stronger protection to validate the identity of other devices for connections that are of greater risk.

More Info

  • Title

    Device Identification and Authentication | Cryptographic Bidirectional Authentication

  • Family

    Identification and Authentication

  • Related NIST 800-53 ID

    SC-8;SC-12;SC-13

CMMC Training

Our CMMC Overview Course simplifies CMMC. Enroll so you can make informed decisions!

Learn More