Regardless of the type of endpoint used, the communication between the policy enforcement device (e.g., NAC appliance) and the agent must be protected by encryption (e.g., SSL/TLS over HTTP, EAP-TLS, EAP over PPP).

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Regardless of the type of endpoint used, the communication between the policy enforcement device (e.g., NAC appliance) and the agent must be protected by encryption (e.g., SSL/TLS over HTTP, EAP-TLS, EAP over PPP).

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-18841	SRC-NAC-130	SV-20594r1_rule		Low

Description
Communications between the remote client and the system which makes the decision to allow or terminate access to the network is privileged traffic. Privileged communication should be separated and/or encrypted.

STIG	Date
Remote Access Policy STIG	2016-03-28

Details

Check Text ( C-22598r1_chk )
Verify compliance by checking the configuration of the policy assessment server or other component which communicates with the HBSS client on the endpoint devices. Verify that communications are set for encrypted access.

Fix Text (F-19516r1_fix)
Ensure that the communication between the endpoint agent and the policy enforcement device is encrypted.