UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

A MAC Authentication Bypass policy must be implemented for 802.1x unsupported devices that connect to the Enterprise Voice, Video, and Messaging system.


Overview

Finding ID Version Rule ID IA Controls Severity
V-259939 SRG-VOIP-000590 SV-259939r948786_rule Medium
Description
MAC Authentication Bypass (MAB) is not a sufficient stand-alone authentication mechanism for non-802.1x supplicant endpoints. Additional policy-based validation techniques must be developed to ensure that 802.1x exempted devices are properly tracked and controlled to prevent compromise of the underlying 802.1x system and allow unapproved devices to access the Enterprise Voice, Video, and Messaging system.
STIG Date
Enterprise Voice, Video, and Messaging Policy Security Requirements Guide 2024-03-12

Details

Check Text ( C-63670r946736_chk )
Verify a policy and procedure is in place and enforced that addresses the operation of MAC Authentication Bypass exceptions to 802.1x requirements.

If a MAC Authentication Bypass policy is not in place and enforced, this is a finding.
Fix Text (F-63577r946737_fix)
Ensure a policy and procedure is in place and enforced that addresses the operation of MAC Authentication Bypass exceptions to 802.1x requirements.