UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The VPN Gateway must be configured to route sessions to an IDPS for inspection.


Overview

Finding ID Version Rule ID IA Controls Severity
V-207220 SRG-NET-000205-VPN-000710 SV-207220r608988_rule Medium
Description
Remote access devices, such as those providing remote access to network devices and information systems, which lack automated, capabilities increase risk and makes remote user access management difficult at best. Remote access is access to DoD non-public information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Automated monitoring of remote access sessions allows organizations to detect cyber attacks and ensure ongoing compliance with remote access policies by auditing connection activities of remote access capabilities, from a variety of information system components (e.g., servers, workstations, notebook computers, smart phones, and tablets).
STIG Date
Virtual Private Network (VPN) Security Requirements Guide 2021-03-25

Details

Check Text ( C-7480r378281_chk )
Verify the VPN Gateway routes sessions to an IDPS for inspection.

If the VPN Gateway is not configured to route sessions to an IDPS for inspection, this is a finding.
Fix Text (F-7480r378282_fix)
Configure the VPN Gateway to route sessions to an IDPS for inspection.