UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The VPN Gateway must employ organization-defined controls by type of denial of service (DoS) to achieve the DoS objective.


Overview

Finding ID Version Rule ID IA Controls Severity
V-264328 SRG-NET-000705-VPN-000110 SV-264328r984313_rule Medium
Description
DoS events may occur due to a variety of internal and external causes, such as an attack by an adversary or a lack of planning to support organizational needs with respect to capacity and bandwidth. Such attacks can occur across a wide range of network protocols (e.g., IPv4, IPv6). A variety of technologies are available to limit or eliminate the origination and effects of DoS events. For example, boundary protection devices can filter certain types of packets to protect system components on internal networks from being directly affected by or the source of DoS attacks. Employing increased network capacity and bandwidth combined with service redundancy also reduces the susceptibility to DoS events.
STIG Date
Virtual Private Network (VPN) Security Requirements Guide 2024-07-02

Details

Check Text ( C-68241r984311_chk )
Verify the VPN Gateway is configured to employ organization-defined controls by type of DoS to achieve the DoS objective.

If the VPN Gateway is not configured to employ organization-defined controls by type of DoS to achieve the DoS objective, this is a finding.
Fix Text (F-68149r984312_fix)
Configure the VPN Gateway to employ organization-defined controls by type of DoS to achieve the DoS objective.