CUI

Vulnerability V-243498

V-243498

CAT II

If a VPN is used in the AD implementation, the traffic must be inspected by the network Intrusion detection system (IDS).

Ships Affected: 1
Total Findings: 1
Open: 0
Closed: 0

Check Text

1. Interview the site representative. Ask about the location of the domain controllers.
2. If domain controllers are not located in multiple enclaves, then this check is not applicable.
3. If domain controllers are located in multiple enclaves and a VPN is not used, then this check is not applicable.
4. If domain controllers are located in multiple enclaves and a VPN is used, review the site network diagram(s) with the SA, NSO, or network reviewer as required to determine if the AD network traffic is visible to a network or host IDS.
5. If the AD network traffic is not visible to a network or host IDS, then this is a finding.

Fix Text

Replace the VPN solution or reconfigure it so that directory data is inspected by a network or host-based IDS.

STIG Reference

STIG: Active Directory Domain Security Technical Implementation Guide
Version: 3
Release: 7
Rule ID: SV-243498r958406_rule

All Occurrences

This vulnerability appears on 1 ship(s)

Ship Hull # Source File Status Assigned To Scan Date
USNS MONTFORD POINT T-ESD-1 _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_ADDomain_V3R5_20251023-171837.ckl Unassigned 2026-01-14T12:57:36.435963