STIGQter: STIG Summary: Test and Development Zone D Security Technical Implementation Guide Version: 1 Release: 5 Benchmark Date: 26 Oct 2018:

Remote access VPNs must prohibit the use of split tunneling on VPN connections.

DISA Rule

SV-51536r1_rule

Vulnerability Number

V-39669

Group Title

ENTD0300 - Remote access VPN policies do not disable split tunneling.

Rule Version

ENTD0300

Severity

CAT II

CCI(s)

CCI-000366 - The organization implements the security configuration settings.

Weight

Fix Recommendation

Configure VPNs to prohibit split tunneling when connecting to the test and development environment.

Check Contents

Determine whether split tunneling is prohibited for remote access VPNs connecting to the test and development environment. If the VPN policy allows split tunneling, this is a finding.

Vulnerability Number

V-39669

Documentable

False

Rule Version

ENTD0300

Severity Override Guidance

Determine whether split tunneling is prohibited for remote access VPNs connecting to the test and development environment. If the VPN policy allows split tunneling, this is a finding.

Check Content Reference

Target Key

1134

Remote access VPNs must prohibit the use of split tunneling on VPN connections.

DISA Rule

Vulnerability Number

Group Title

Rule Version

Severity

CCI(s)

Weight

Fix Recommendation

Check Contents

Vulnerability Number

Documentable

Rule Version

Severity Override Guidance

Check Content Reference

Target Key

Comments