STIGQter: STIG Summary: Virtual Private Network (VPN) Security Requirements Guide Version: 2 Release: 3 Benchmark Date: 23 Apr 2021:

The VPN Gateway must uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

DISA Rule

SV-207208r608988_rule

Vulnerability Number

V-207208

Group Title

SRG-NET-000138

Rule Version

SRG-NET-000138-VPN-000490

Severity

CAT II

CCI(s)

• CCI-000764 - The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).

Weight

10

Fix Recommendation

Configure the VPN Gateway to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

Check Contents

Verify the VPN Gateway is configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

If the VPN Gateway does not uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users), this is a finding.

Vulnerability Number

V-207208

Documentable

False

Rule Version

SRG-NET-000138-VPN-000490

Severity Override Guidance

Verify the VPN Gateway is configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).

If the VPN Gateway does not uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users), this is a finding.

Check Content Reference

M

Target Key

2920

Comments