UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Endpoints accessing the remediation server will not have access to other network resources that are not part of the remediation process.


Overview

Finding ID Version Rule ID IA Controls Severity
V-18853 SRC-NAC-220 SV-20618r1_rule ECSC-1 Medium
Description
This type of access could permit an unauthorized endpoint onto the network. Depending on the critical nature of the authorization failure (e.g., virus detected) this type of access could place the enclave at risk.
STIG Date
Remote Access Policy STIG 2015-09-16

Details

Check Text ( C-22634r1_chk )
Verify compliance by interviewing the NSO. The configuration of the policy enforcement device should also be examined. There are several ways to achieve compliance. In each case, the endpoint should not receive an IP address that can be used on the trusted side of the network. A DMZ, VLAN, or direct host-host communications may be used.
Fix Text (F-19547r1_fix)
Ensure that endpoints accessing the remediation server will not have access to other network resources that are not part of the remediation process.