Ensure devices failing policy assessment that are not automatically remediated either before or during the remote access session, will be flagged for future manual or automated remediation.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18833 | SRC-NAC-050 | SV-20586r1_rule | Low |
| Description |
|---|
| Devices not compliant with DoD secure configuration policies will not be permitted to use DoD licensed software. The device status will be updated on the network and in the HBSS agent. A reminder will be sent to the user and the SA periodically or at a minimum each time a policy assessment is performed. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-22556r1_chk ) |
|---|
| Verifty compliance by viewing the remote access policy server. Verify the remediation status for these machines and also the HBSS agent on the client is updated . Verify that a reminder is sent to the user and the SA periodically or at a minimum each time a policy assessment is performed. |
| Fix Text (F-19505r1_fix) |
|---|
| Configure the remote access policy server or other enforcement device. Ensure endpoints that fail the NAC policy assessment that are not automatically remediated are flagged for manual or automated remediation. |