UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The remote access policy will provide separation of traffic based on sensitivity and user trust levels.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18622 SRC-RAP-060 SV-20180r1_rule ECSC-1 Medium
Description
Device authentication must be performed at the perimeter or on a subnet separated from the trusted internal enclave. User authentication ensures the user is authorized for access. However, user authentication does not mitigate the risk from an improperly configured client device. Devices must be tested for policy compliance and assigned a trust level based on the results of a thorough integrity check. This approach checks that devices connecting to the network are authenticated and compliant with network policy prior to allowing access to network resources.
STIG Date
Remote Access Policy STIG 2015-09-16

Details

Check Text ( C-22304r1_chk )
Have the site representative display the evidence of compliance. This feature must be implemented using a central access policy such as in a gateway or access control appliance.

- Government-owned and managed endpoints;
- Personally-owned but managed endpoints;
- Unmanaged endpoints such as public kiosks or personal computers should limited access to Web-based applications;
- Privileged or Administrative access;
- Endpoints compliant with DoD required security configurations such as firewalls, antivirus, etc.
- Endpoints not compliant with DoD required security configurations such as firewalls, antivirus software, etc.
Fix Text (F-19251r1_fix)
Separate the users by conditions and assigned resources based on required minimum security conditions.