The network device must authenticate devices before establishing remote network connections using bidirectional authentication between cryptography-based devices.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
SRG-NET-000149-NDM-000108	SRG-NET-000149-NDM-000108	SRG-NET-000149-NDM-000108_rule		Low

Description
This requirement addresses device to device authentication during remote network management sessions used to manage the network device. A remote connection is any connection with a device communicating through an external network (e.g., the Internet). Remote management must be secured using cryptography; and authentication must use a bidirectional authentication method where each device is authenticated.

Description

This requirement addresses device to device authentication during remote network management sessions used to manage the network device. A remote connection is any connection with a device communicating through an external network (e.g., the Internet). Remote management must be secured using cryptography; and authentication must use a bidirectional authentication method where each device is authenticated.

STIG	Date
Network Device Management Security Requirements Guide	2013-07-30

Details

Check Text ( C-SRG-NET-000149-NDM-000108_chk )
Verify the network device authenticates other devices before establishing remote network connections using bidirectional authentication between cryptography-based devices. If the network device does not authenticate other devices before establishing remote network connections, this is a finding.

Fix Text (F-SRG-NET-000149-NDM-000108_fix)
Configure the network device to authenticate remote access network connections using bidirectional authentication between cryptography-based devices.