Skip to content

Install libreswan Package

An XCCDF Rule

Description

The libreswan package provides an implementation of IPsec and IKE, which permits the creation of secure tunnels over untrusted networks. The libreswan package can be installed with the following command:

$ sudo yum install libreswan

Rationale

Providing the ability for remote users or systems to initiate a secure VPN connection protects information when it is transmitted over a wide area network.

ID
xccdf_org.ssgproject.content_rule_package_libreswan_installed
Severity
Medium
References
Updated



Remediation - OS Build Blueprint


[[packages]]
name = "libreswan"
version = "*"

Remediation - Ansible

- name: Ensure libreswan is installed
  package:
    name: libreswan
    state: present
  tags:
  - NIST-800-53-CM-6(a)

Remediation - Puppet

include install_libreswan

class install_libreswan {
  package { 'libreswan':
    ensure => 'installed',
  }