Check: SRG-NET-000205-VPN-000710
Virtual Private Network (VPN) SRG:
SRG-NET-000205-VPN-000710
(in versions v3 r3 through v1 r0.1)
Title
The VPN Gateway must be configured to route sessions to an IDPS for inspection. (Cat II impact)
Discussion
Remote access devices, such as those providing remote access to network devices and information systems, which lack automated, capabilities increase risk and makes remote user access management difficult at best. Remote access is access to DoD non-public information systems by an authorized user (or an information system) communicating through an external, non-organization-controlled network. Automated monitoring of remote access sessions allows organizations to detect cyber attacks and ensure ongoing compliance with remote access policies by auditing connection activities of remote access capabilities, from a variety of information system components (e.g., servers, workstations, notebook computers, smart phones, and tablets).
Check Content
Verify the VPN Gateway routes sessions to an IDPS for inspection. If the VPN Gateway is not configured to route sessions to an IDPS for inspection, this is a finding.
Fix Text
Configure the VPN Gateway to route sessions to an IDPS for inspection.
Additional Identifiers
Rule ID: SV-207220r608988_rule
Vulnerability ID: V-207220
Group Title: SRG-NET-000205
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-001097 |
Monitor and control communications at the external managed interfaces to the system and at key managed interfaces within the system. |
Controls
| Number | Title |
|---|---|
| SC-7 |
Boundary Protection |