STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

DISA Rule

SV-207227r608988_rule

Vulnerability Number

V-207227

Group Title

SRG-NET-000235

Rule Version

SRG-NET-000235-VPN-000820

Severity

CAT II

CCI(s)

• CCI-001190 - The information system fails to an organization-defined known-state for organization-defined types of failures.

Weight

10

Fix Recommendation

Configure the VPN Gateway to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

Check Contents

Verify the VPN Gateway is configured to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

If the VPN Gateway does not fail to a secure state if system initialization fails, shutdown fails, or aborts fail, this is a finding.

Vulnerability Number

V-207227

Documentable

False

Rule Version

SRG-NET-000235-VPN-000820

Severity Override Guidance

Verify the VPN Gateway is configured to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

If the VPN Gateway does not fail to a secure state if system initialization fails, shutdown fails, or aborts fail, this is a finding.

Check Content Reference

M

Target Key

2920

Comments