An error occurred:

Check: SRG-NET-000342-VPN-001360

Virtual Private Network (VPN) SRG: SRG-NET-000342-VPN-001360 (in versions v3 r3 through v2 r1)

Title

The VPN Gateway must electronically verify the Common Access Card (CAC) credential. (Cat II impact)

Discussion

DoD has mandated the use of the CAC as the Personal Identity Verification (PIV) credential to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.

Check Content

Verify the VPN Gateway electronically verifies the CAC credential. If the VPN Gateway does not electronically verify Personal Identity Verification (PIV) credentials, this is a finding.

Fix Text

Configure the VPN Gateway to electronically verify the CAC credential.

Additional Identifiers

Rule ID: SV-207240r856714_rule

Vulnerability ID: V-207240

Group Title: SRG-NET-000342

Expert Comments

Expert comments are only available to logged-in users.

CCIs

CCIs tied to check.
Number Definition
CCI-001954

Electronically verify Personal Identity Verification-compliant credentials.

Controls

Controls tied to check. These are derived from the CCIs shown above.
Number Title
IA-2(12)

Acceptance of PIV Credentials