STIGQter STIGQter: STIG Summary: Network Infrastructure Policy Security Technical Implementation Guide Version: 9 Release: 10 Benchmark Date: 24 Jan 2020:

Tunneling of classified traffic across an unclassified IP transport network or service provider backbone must be documented in the enclaves security authorization package and an Approval to Connect (ATC), or an Interim ATC must be issued by DISA prior to implementation.

DISA Rule

SV-15494r3_rule

Vulnerability Number

V-14738

Group Title

Unapproved SIPRNet traffic exists

Rule Version

NET-TUNL-028

Severity

CAT II

CCI(s)

Weight

10

Fix Recommendation

Document the tunneling of classified traffic in the security authorization package and the ATC or Interim ATC.

Check Contents

Review the enclave's security authorization package and the ATC or Interim ATC amending the connection approval received.

If the tunneling of classified traffic is not documented in the security authorization package and an ATC or Interim ATC, this is a finding.

Vulnerability Number

V-14738

Documentable

False

Rule Version

NET-TUNL-028

Severity Override Guidance

Review the enclave's security authorization package and the ATC or Interim ATC amending the connection approval received.

If the tunneling of classified traffic is not documented in the security authorization package and an ATC or Interim ATC, this is a finding.

Check Content Reference

M

Target Key

838

Comments