Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-14738 | NET-TUNL-028 | SV-15494r2_rule | Medium |
Description |
---|
CJCSI 6211.02E instruction establishes policy and responsibilities for the connection of any information systems to the Defense Information Systems Network (DISN) provided transport. Enclosure E mandates that the CC/S/A document all IP tunnels transporting classified communication traffic in the enclave’s security authorization package prior to implementation. An ATC or IATC amending the current connection approval must be in place prior to implementation. |
STIG | Date |
---|---|
Network Infrastructure Policy Security Technical Implementation Guide | 2016-07-11 |
Check Text ( C-12960r2_chk ) |
---|
Review the enclave's security authorization package and the ATC or Interim ATC amending the connection approval received. If the tunneling of classified traffic is not documented in the security authorization package and an ATC or Interim ATC, this is a finding. |
Fix Text (F-14204r2_fix) |
---|
Document the tunneling of classified traffic in the security authorization package and the ATC or Interim ATC. |