Train users to configure the home networking router or firewall appliance to protect devices on the home network from each other (isolate), the devices are logically separated by the appliance or router (on a different logical segment of the network).
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-19146 | SRC-EPT-130 | SV-20959r1_rule | Low |
| Description |
|---|
| If a personal firewall on a computer malfunctioned, the appliance or router would still protect the computer from unauthorized network communications from external computers. In some cases, the appliance or router also can protect devices on the home network from each other—if the devices are logically separated by the appliance or router. |
| STIG | Date |
|---|---|
| Remote Access Policy STIG | 2016-03-28 |
Details
| Check Text ( C-22780r1_chk ) |
|---|
| Review user agreement or security checklist. Ensure users have been informed that their home network be configured to use the router or firewall to isolate the DoD endpoint from the other devices on the home network. |
| Fix Text (F-19697r1_fix) |
|---|
| Update the remote access security checklist, the user agreement, or other training materials to show that users are trained to comply with the approved teleworker home network architecture. |