Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19144 | SRC-EPT-110 | SV-20957r1_rule | ECSC-1 | Low |
Description |
---|
If a telework devices connect directly to the teleworker’s ISP, such as plugging the device directly into a cable modem, then the device is directly accessible from the Internet and at high risk of being attacked. To prevent this from occurring, the home network should have a security device between the ISP and the telework device. This is most commonly accomplished by using a broadband router (e.g., cable modem router, DSL router) or a firewall appliance. |
STIG | Date |
---|---|
Remote Access Policy STIG | 2015-09-16 |
Check Text ( C-22764r1_chk ) |
---|
Inspect the user training material or the remote user checklist. Verify that the users are trained not to plug the DoD endpoint directly into the broadband modem. Users must be given assistace (e.g., checklist) on how to configure and and properly connect GFE into a properly configured broadband router or firewall appliance. |
Fix Text (F-19695r1_fix) |
---|
Ensure the user is trained not to plug the connect directly to the broadband modem but rather to use a correctly configured security gateway. |