UCF STIG Viewer Logo

The VPN client on mobile devices must disable split tunneling.


Overview

Finding ID Version Rule ID IA Controls Severity
V-36753 WN08-MO-000002 SV-48427r2_rule ECWN-1 Medium
Description
When split tunneling is enabled, device peripherals and other computers communicating with the mobile device may be able to connect to a DoD network and obtain sensitive information or otherwise compromise DoD information resources. Disabling split tunneling eliminates the risk associated with this vulnerability.
STIG Date
Windows 8/8.1 Security Technical Implementation Guide 2018-02-12

Details

Check Text ( C-45096r1_chk )
Verify the VPN client on mobile devices is configured to prevent split tunneling for connections to DoD networks. If it is not, this is a finding.

Procedures will vary depending on the VPN client used.
Fix Text (F-41558r1_fix)
Configure the VPN client on mobile devices to prevent split tunneling when connecting to DoD networks.

Procedures will vary depending on the VPN client used.