UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Regardless of the type of endpoint used, the communication between the policy enforcement device (e.g., NAC appliance) and the agent must be protected by encryption (e.g., SSL/TLS over HTTP, EAP-TLS, EAP over PPP).


Overview

Finding ID Version Rule ID IA Controls Severity
V-18841 SRC-NAC-130 SV-20594r1_rule ECSC-1 Low
Description
Communications between the remote client and the system which makes the decision to allow or terminate access to the network is privileged traffic. Privileged communication should be separated and/or encrypted.
STIG Date
Remote Access Policy STIG 2015-09-16

Details

Check Text ( C-22598r1_chk )
Verify compliance by checking the configuration of the policy assessment server or other component which communicates with the HBSS client on the endpoint devices.

Verify that communications are set for encrypted access.
Fix Text (F-19516r1_fix)
Ensure that the communication between the endpoint agent and the policy enforcement device is encrypted.