Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-19831 | SRC-RAP-010 | SV-21994r1_rule | Low |
Description |
---|
The most critical part of a remote access solution is to create a centralized point of access and authentication close to the network edge. This device manages access to network resources on the internal LAN. DoD requires that all information technology devices attached to the network be documented in the DIP. |
STIG | Date |
---|---|
Remote Access Policy STIG | 2016-03-28 |
Check Text ( C-23361r1_chk ) |
---|
The system owner will identify security domain requirements in the DIACAP documentation. Each DIP must include a description of the sites architecture with the remote access equipment shown on the drawing. Verify that these documents will reflect the installation or modification of network communications devices used for network access devices that provide remote access services (e.g., appliances or servers such as RAS, VPN, remote security assessment, or policy appliances). |
Fix Text (F-19143r1_fix) |
---|
Verify DIACAP equipment list reflects changes made to the site’s remote access network devices. |