Ivanti Connect Secure VPN Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-NET-000062-VPN-000200
Group -
The ICS must be configured to use TLS 1.2, at a minimum.
Using older unauthorized versions or incorrectly configuring protocol negotiation makes the gateway vulnerable to known and unknown attacks that exploit vulnerabilities in this protocol. NIST SP 8...Rule High Severity -
SRG-NET-000078-VPN-000290
Group -
SRG-NET-000138-VPN-000490
Group -
The ICS must be configured to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users).
To ensure accountability and prevent unauthenticated access, organizational users must be identified and authenticated to prevent potential misuse and compromise of the system. Organizational user...Rule Medium Severity -
SRG-NET-000140-VPN-000500
Group -
SRG-NET-000164-VPN-000560
Group -
The ICS, when utilizing PKI-based authentication, must be configured to validate certificates by constructing a certification path (which includes status information) to an accepted trust anchor.
Without path validation, an informed trust decision by the relying party cannot be made when presented with any certificate not already explicitly trusted. To meet this requirement, the information...Rule Medium Severity -
SRG-NET-000213-VPN-000721
Group -
SRG-NET-000334-VPN-001260
Group
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.