Skip to content
Log In

III - Administrative Public

Rules and Groups employed by this XCCDF Profile

  • The Cisco ASA VPN gateway must be configured to renegotiate the IKE security association after 24 hours or less.

    When a VPN gateway creates an IPsec security association (SA), resources must be allocated to maintain the SA. These resources are wasted during periods of IPsec endpoint inactivity, which could re...
    Rule Medium Severity
    Show

  • SRG-NET-000166-VPN-000580

    Group
    Show

  • The Cisco ASA remote access VPN server must be configured to use a separate authentication server than that used for administrative access.

    The VPN interacts directly with public networks and devices and should not contain user authentication information for all users. AAA network security services provide the primary framework through...
    Rule Medium Severity
    Show

  • SRG-NET-000320-VPN-001120

    Group
    Show

  • The Cisco ASA remote access VPN server must be configured to use LDAP over SSL to determine authorization for granting access to the network.

    Protecting authentication communications between the client, the VPN Gateway, and the authentication server keeps this critical information from being exploited. In distributed information systems...
    Rule Medium Severity
    Show

Node 2

siemur/test-space

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules