Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
All mobile device VPN clients must have split tunneling disabled.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19899 | WIR-MOS-iOS-034-04 | SV-36451r2_rule | ECWN-1 | Medium |
| Description |
|---|
| DoD data could be compromised if transmitted data is not secured with a compliant VPN. Split tunneling could allow connections from non-secure Internet sites to access data on the DoD network. |
| STIG | Date |
|---|---|
| Apple iOS 6 Security Technical Implementation Guide (STIG) | 2013-05-23 |
Details
| Check Text ( C-41594r2_chk ) |
|---|
| This check is not applicable if the installed VPN client is not used for remote access to DoD networks. Note: Use of a VPN to access DoD email on a mobile device is not required. Interview the IAO and/or site wireless device administrator and inspect a sample (3-4) of site devices. Review VPN client specification sheets and verify the VPN client supports disabling split tunneling. Verify the VPN client is configured disable split tunneling. Mark as a finding if the VPN does not support disabling split tunneling or it is not disabled on the client. |
| Fix Text (F-37267r1_fix) |
|---|
| Disable split tunneling on VPN client. |