Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The application server must enforce requirements for remote connections to the information system.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-35226 | SRG-APP-000140-AS-000094 | SV-46513r1_rule | High |
| Description |
|---|
| Application servers provide remote access capability and must be able to enforce remote access policy requirements or work in conjunction with enterprise tools designed to enforce policy requirements. Examples of policy requirements include, but are not limited to, authorizing remote access to the information system, limiting access based on authentication credentials, and monitoring for unauthorized access. |
| STIG | Date |
|---|---|
| Application Server Security Requirements Guide | 2013-01-08 |
Details
| Check Text ( C-43598r2_chk ) |
|---|
| Review organization policy, AS product documentation and configuration to determine if the system can enforce the organizations requirements for remote connections. If the system is not configured to enforce these requirements, or the remote connection settings are not in accordance with the requirements, this is a finding. |
| Fix Text (F-39772r1_fix) |
|---|
| Configure the AS to enforce remote connection settings. |