UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Ensure that when TLS VPN is used, endpoints that fail “required” critical endpoint security checks will receive either no access or only limited access.


Overview

Finding ID Version Rule ID IA Controls Severity
V-19383 SRC-VPN-070 SV-21300r1_rule ECSC-1 Low
Description
Remote endpoint devices requesting TLS portal access will either be disconnected or given limited access as designated by the DAA and system owner if the device fails the authentication or security assessment.
STIG Date
Remote Access Policy STIG 2015-09-16

Details

Check Text ( C-23375r1_chk )
Verification will depend on the method used by the site to automate this functionality. Verify that end point failing to pass minimum and requried security configuration checks are not given full access to DoD non-public information with DAA approval.

NOTE: The user will be presented with a limited portal which does not include access options for sensitive resources. (Required security checks will be identified and approved by the DAA or designated representative).
Fix Text (F-19955r1_fix)
Ensure end point failing to pass minimum and required security configuration checks are not given full access to DoD non-public information with DAA approval.