The VPN client on mobile devices must disable split tunneling.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| WN08-MO-000002 | WN08-MO-000002 | WN08-MO-000002_rule | Medium |
| Description |
|---|
| When split tunneling is enabled, device peripherals and other computers communicating with the mobile device may be able to connect to a DoD network and obtain sensitive information or otherwise compromise DoD information resources. Disabling split tunneling eliminates the risk associated with this vulnerability. |
| STIG | Date |
|---|---|
| Windows 8 Security Technical Implementation Guide | 2012-11-21 |
Details
| Check Text ( C-WN08-MO-000002_chk ) |
|---|
| Verify the VPN client on mobile devices is configured to prevent split tunneling for connections to DoD networks. If it is not, this is a finding. |
| Fix Text (F-WN08-MO-000002_fix) |
|---|
| Configure the VPN client on mobile devices to prevent split tunneling when connecting to DoD networks. |