Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-242581 | CSCO-NC-000070 | SV-242581r812744_rule | Medium |
Description |
---|
Automated and manual procedures for remediation for critical security updates will be managed differently. Continuing to assess and remediate endpoints with risks that could endanger the network could impact network usage for all users. This isolation prevents traffic from flowing with traffic from endpoints that have been fully assessed and authorized. Unauthenticated devices must not be allowed to connect to remediation services. |
STIG | Date |
---|---|
Cisco ISE NAC Security Technical Implementation Guide | 2022-09-14 |
Check Text ( C-45856r812743_chk ) |
---|
If DoD is not at C2C Step 4 or higher, this is not a finding. If not required by the NAC SSP, this is not a finding. Verify that the authorization policies for "Posture NonCompliant" have a result that will assign the remediation VLAN. 1. Work Centers >> Network Access >> Policy Sets. 2. Choose ">" on the desired policy set. 3. Expand Authorization Policy. 4. Scan for Authorization policies with "Posture NonCompliant" condition. 5. Verify the result assigned to the authorization policy will assign the remediation VLAN. If the result is the remediation VLAN, this is not a finding. If posture is not mandated by the Information System Security Manager (ISSM), this is not a finding. |
Fix Text (F-45813r803529_fix) |
---|
If required by the NAC SSP, configure the "Posture NonCompliant" authorization policy so that the result that will assign the remediation VLAN. 1. Work Centers >> Network Access >> Policy Sets. 2. Choose ">" on the desired policy set. 3. Expand Authorization Policy. 4. Create an authorization policy for "Posture NonCompliant". 5. Assign the remediation VLAN result. |