The policy assessment/enforcement device will be configured to use a separate authentication server (e.g., IAS, Active Directory, RADIUS, TACACS+) to perform user authentication.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-18844 | SRC-NAC-160 | SV-20597r1_rule | Medium |
| Description |
|---|
| The remote user policy assessment/enforcement device will be installed on a separate host from the authentication server. This device interacts directly with public networks and devices and should not contain user authentication information for all users. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-22601r1_chk ) |
|---|
| Review the authentication configuration of the policy assessment/enforcement device. Verify that it is configured to use a separate authentication server to perform user authentication. |
| Fix Text (F-19519r1_fix) |
|---|
| Ensure the authentication configuration of the policy assessment/enforcement device is configured to use a separate authentication server to perform user authentication. |