12.1: Ensure Network Infrastructure is Up-to-Date
Ensure network infrastructure is kept up-to-date. Example implementations include running the latest stable release of software and/or using currently supported network-as-a-service (NaaS) offerings. Review software versions monthly, or more frequently, to verify software support.
Asset Type |
Security Function |
Implementation Groups |
---|---|---|
Network |
Protect |
1, 2, 3 |
Dependencies
Safeguard 1.1: Establish and Maintain Detailed Enterprise Asset Inventory
Inputs
GV1
: Enterprise asset inventoryAuthoritative source of latest version information
Date of last review of network infrastructure
Operations
Use
GV1
to identify and enumerate assets that are part of the network infrastructureGV35
(M1)- Compare the network infrastructre asset version to the version in Input 2
Identify and enumerate assets that match the most recent version (M2)
Identify and enumerate assets that don’t match the most recent version (M3)
Compare Input 3 to current date and capture timeframe in days (M4)
Measures
M1 = Count of network infrastructure assets
M2 = Count of network infrastructure assets up to date
M3 = Count of network infrastructure assets not up to date
M4 = Timeframe since last review of network infrastrucute
Metrics
If M4 is greater than thirty days, then this safeguard is measured at a 0 and receives a failing score. The other metrics don’t apply.
Coverage
Metric |
The percentage of network infrastructure assets that are up to date
|
Calculation |
|