The TLS VPN must be configured to limit authenticated client sessions to initial session source IP.

An XCCDF Rule

Details
Profiles

Description

Limiting authenticated client sessions to the initial session source IP for TLS VPNs is a safeguard against session hijacking, replay, and man-in-the-middle attacks, maintaining integrity and confidentiality of communication between clients and servers.

ID: SV-264335r984341_rule
Version: SRG-NET-000019-VPN-002435
Severity: Medium
References: CCI-001414
Updated: about 2 months ago

Remediation Templates

Configure the TLS VPN Gateway to limit authenticated client sessions to initial session source IP.

The TLS VPN must be configured to limit authenticated client sessions to initial session source IP.

Description

Remediation Templates

A Manual Procedure