The mobile operating systems VPN client must use either IPSec or SSL/TLS when connecting to DoD networks.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33139	SRG-OS-000160-MOS-000080	SV-43537r2_rule		Medium

Description
Use of non-standard communications protocols can affect both the availability and confidentiality of communications. IPSec and SSL/TLS are both well-known and tested protocols that provide strong assurance with respect to both IA and interoperability.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41398r3_chk )
Review system documentation and operating system configuration to verify the VPN client uses IPSec or SSL/TLS when connecting to DoD networks. Note: This requirement also applies to a private VPN connection from the carrier's network to the DoD network that is designed to route all mobile device traffic directly to the DoD network. If it does not support either of these protocols, or does not use them when establishing a VPN connection to a DoD network, this is a finding.

Check Text ( C-41398r3_chk )

Review system documentation and operating system configuration to verify the VPN client uses IPSec or SSL/TLS when connecting to DoD networks. Note: This requirement also applies to a private VPN connection from the carrier's network to the DoD network that is designed to route all mobile device traffic directly to the DoD network. If it does not support either of these protocols, or does not use them when establishing a VPN connection to a DoD network, this is a finding.

Fix Text (F-37039r1_fix)
Configure the mobile operating system's VPN client to use IPSec or SSL/TLS when connecting to a DoD network.