Idle connections DO NOT disconnect in 15 min.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-7997	DSN18.12	SV-8483r1_rule	ECSC-1	Medium

Description
Requirement: The IAO will ensure that a timeout feature, set to 15 minutes, is used to disconnect idle connections. Unattended systems are susceptible to unauthorized use. The system should be locked when unattended. The user idle timeout should be set to a maximum of 15 minutes. This setting protects critical and sensitive system areas from exposure to unauthorized personnel with physical access to an unattended administration/maintenance terminal.

Description

Requirement: The IAO will ensure that a timeout feature, set to 15 minutes, is used to disconnect idle connections. Unattended systems are susceptible to unauthorized use. The system should be locked when unattended. The user idle timeout should be set to a maximum of 15 minutes. This setting protects critical and sensitive system areas from exposure to unauthorized personnel with physical access to an unattended administration/maintenance terminal.

STIG	Date
Defense Switched Network STIG	2015-01-02

Details

Check Text ( C-7378r1_chk )
Have the IAO or SA demonstrate compliance with the requirement; minimally on a sampling of the related or effected devices.

Fix Text (F-7572r1_fix)
The system administrator will ensure that the timeout for unattended user administration/maintenance ports is set for no longer than 15 minutes, if technically feasible.