For networks which do not allow unmanaged devices, remote endpoints that fail the device authentication check will not proceed with the policy assessment checks (authorization checks) and remote access will be denied.

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

For networks which do not allow unmanaged devices, remote endpoints that fail the device authentication check will not proceed with the policy assessment checks (authorization checks) and remote access will be denied.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-18852	SRC-NAC-210	SV-20617r1_rule	ECSC-1	Medium

Description
Devices that fail authentication are not permitted on the network. These devices may contain malware or content which is harmful to the enclave.

STIG	Date
Remote Access Policy STIG	2015-09-16

Details

Check Text ( C-22632r1_chk )
Verify by examining the configuration of the policy assessment or enforcement server (e.g., NAC appliance). Examine the actions taken when the endpoint fails authentication comply with the requirement.

Fix Text (F-20528r1_fix)
Where unmanaged devices are not allowed access, the IAO will ensure that remote endpoints that fail the device authentication the remote access request will be terminated.