The operating system must prevent public access into an organizations internal networks, except as appropriately mediated by managed interfaces employing boundary protection devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33778	SRG-OS-000146-NA	SV-44203r1_rule		Medium

Description
Access into an organization's internal network and to key internal boundaries must be tightly controlled and managed. In the case of the operating system, the key boundary may be the workstation on the public internet. Rationale for non-applicability: Mobile devices operate outside of enclave boundary. The arrangement of boundary protection devices is outside the scope of their control. The boundary protection devices will enforce strong authentication for VPN and other network connections.

Description

Access into an organization's internal network and to key internal boundaries must be tightly controlled and managed. In the case of the operating system, the key boundary may be the workstation on the public internet. Rationale for non-applicability: Mobile devices operate outside of enclave boundary. The arrangement of boundary protection devices is outside the scope of their control. The boundary protection devices will enforce strong authentication for VPN and other network connections.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-07-03

Details

Check Text ( C-41835r1_chk )
This requirement is NA for the Mobile OS SRG.

Fix Text (F-37677r1_fix)
The requirement is NA. No fix is required.