STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway must uniquely identify all network-connected endpoint devices before establishing a connection.

DISA Rule

SV-207213r608988_rule

Vulnerability Number

V-207213

Group Title

SRG-NET-000148

Rule Version

SRG-NET-000148-VPN-000540

Severity

CAT II

CCI(s)

• CCI-000778 - The information system uniquely identifies an organization-defined list of specific and/or types of devices before establishing a local, remote, or network connection.

Weight

10

Fix Recommendation

Configure the VPN Gateway to uniquely identify all network-connected endpoint devices before establishing a connection.

Check Contents

Verify the VPN Gateway uniquely identifies all network-connected endpoint devices before establishing a connection.

If the VPN Gateway does not uniquely identify all network-connected endpoint devices before establishing a connection, this is a finding.

Vulnerability Number

V-207213

Documentable

False

Rule Version

SRG-NET-000148-VPN-000540

Severity Override Guidance

Verify the VPN Gateway uniquely identifies all network-connected endpoint devices before establishing a connection.

If the VPN Gateway does not uniquely identify all network-connected endpoint devices before establishing a connection, this is a finding.

Check Content Reference

M

Target Key

2920

Comments