STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

All hosted NIPRNet-only applications must be located in a local enclave Demilitarized Zone (DMZ).

DISA Rule

SV-15263r4_rule

Vulnerability Number

V-14638

Group Title

An enclave DMZ architecture is not implemented.

Rule Version

NET0346

Severity

CAT II

CCI(s)

• CCI-002395 - The information system implements subnetworks for publicly accessible system components that are physically and/or logically separated from internal organizational networks.

Weight

10

Fix Recommendation

Implement and move NIPRNet-only applications to a local enclave DMZ.

Check Contents

Review the network topology diagram and interview the ISSO to verify that all NIPRNet-only applications are located in a local enclave DMZ.

If there are any NIPRNet-only applications not hosted in the enclave’s DMZ, this is a finding.

Vulnerability Number

V-14638

Documentable

False

Rule Version

NET0346

Severity Override Guidance

Review the network topology diagram and interview the ISSO to verify that all NIPRNet-only applications are located in a local enclave DMZ.

If there are any NIPRNet-only applications not hosted in the enclave’s DMZ, this is a finding.

Check Content Reference

M

Target Key

838

Comments