Navigate

Check: RHEL-06-000321

Red Hat Enterprise Linux 6 STIG: RHEL-06-000321 (in versions v2 r2 through v1 r14)

Title

The system must provide VPN connectivity for communications over untrusted networks. (Cat III impact)

Discussion

Providing the ability for remote users or systems to initiate a secure VPN connection protects information when it is transmitted over a wide area network.

Check Content

If the system does not communicate over untrusted networks, this is not applicable. Run the following command to determine if the "libreswan" package is installed: # rpm -q libreswan If the package is not installed, this is a finding.

Fix Text

The “libreswan” package provides an implementation of IPsec and IKE, which permits the creation of secure tunnels over untrusted networks. The "libreswan" package can be installed with the following command: # yum install libreswan

Additional Identifiers

Rule ID: SV-218061r603264_rule

Vulnerability ID: V-218061

Group Title: SRG-OS-000480

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.

Number	Definition
CCI-000366	The organization implements the security configuration settings.
CCI-001130	The information system protects the confidentiality of transmitted information.
CCI-002418	The information system protects the confidentiality and/or integrity of transmitted information.

Controls

Controls tied to check. These are derived from the CCIs shown above.

Number	Title
CM-6	Configuration Settings
SC-8	Transmission Confidentiality And Integrity