OpenControls Logo

STIG Viewer

NIST 800-171 v2

110 security requirements available

My Controls0800-171 Catalog110Collections0
3.13.7Derived Requirement

System and Communications Protection

Security Requirement

Prevent remote devices from simultaneously establishing non-remote connections with organizational systems and communicating via some other connection to resources in external networks (i.e., split tunneling).

Discussion

Split tunneling might be desirable by remote users to communicate with local system resources such as printers or file servers. However, split tunneling allows unauthorized external connections, making the system more vulnerable to attack and to exfiltration of organizational information. This requirement is implemented in remote devices (e.g., notebook computers, smart phones, and tablets) through configuration settings to disable split tunneling in those devices, and by preventing configuration settings from being readily configurable by users. This requirement is implemented in the system by the detection of split tunneling (or of configuration settings that allow split tunneling) in the remote device, and by prohibiting the connection if the remote device is using split tunneling.

Framework
NIST SP 800-171 Rev 2
Family
System and Communications Protection
Requirement Type
derived

Related Frameworks

3 paths across 2 frameworks
NIST 800-531 mapping
SC-7(7)
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI2 mappings
CCI-002397
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent
CCI-004873
1.00
  • NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
  • DISA · 2025-01-23 · disa_cci_list · equivalent

Related STIGs

79 STIGs reach this control through 70 CCIs via 800-53 control SC-7. Expand a row to see the responsible NICE and O*NET roles.

Operating System — Server

1 STIG
Microsoft Windows Server 2025 Security Technical Implementation Guide
V1R12026-02-201 of 284 findings match

Network Device

63 STIGs
Router Security Requirements Guide
52024-05-2835 of 108 findings match
Router Security Requirements Guide
V5R22025-09-1035 of 123 findings match
Cisco IOS XR Router RTR Security Technical Implementation Guide
32024-08-2232 of 96 findings match
Cisco IOS XR Router RTR Security Technical Implementation Guide
V3R32025-08-1932 of 96 findings match
Juniper EX Series Switches Router Security Technical Implementation Guide
V2R12024-06-1031 of 102 findings match
Cisco IOS Router RTR Security Technical Implementation Guide
32024-11-2530 of 92 findings match
Cisco IOS Router RTR Security Technical Implementation Guide
V3R42025-08-1930 of 92 findings match
Cisco IOS XE Router RTR Security Technical Implementation Guide
32025-05-1630 of 97 findings match
Show 55 more STIGs in this category →
Cisco IOS XE Router RTR Security Technical Implementation Guide
V3R52025-08-1430 of 97 findings match
Juniper Router RTR Security Technical Implementation Guide
V3R22024-12-0530 of 96 findings match
RUCKUS ICX Router Security Technical Implementation Guide
V1R12025-06-0328 of 81 findings match
Cisco IOS XE Switch RTR Security Technical Implementation Guide
32025-05-2026 of 88 findings match
Cisco IOS XE Switch RTR Security Technical Implementation Guide
V3R42026-03-0426 of 88 findings match
Cisco IOS Switch RTR Security Technical Implementation Guide
32024-06-0624 of 53 findings match
Cisco IOS Switch RTR Security Technical Implementation Guide
V3R32026-03-0424 of 53 findings match
Arista MLS EOS 4.X Router Security Technical Implementation Guide
V2R22025-02-2021 of 75 findings match
Cisco NX OS Switch RTR Security Technical Implementation Guide
32024-12-2021 of 78 findings match
Cisco NX OS Switch RTR Security Technical Implementation Guide
V3R42026-03-0421 of 78 findings match
Network Infrastructure Policy Security Technical Implementation Guide
V10R72024-08-0218 of 67 findings match
Cisco ACI Router Security Technical Implementation Guide
12025-06-188 of 45 findings match
Dell OS10 Switch Router Security Technical Implementation Guide
12024-12-118 of 42 findings match
Dell OS10 Switch Router Security Technical Implementation Guide
V1R22026-03-048 of 42 findings match
Firewall Security Requirements Guide
32024-12-047 of 34 findings match
Firewall Security Requirements Guide
V3R32025-09-227 of 35 findings match
Arista MLS EOS 4.X L2S Security Technical Implementation Guide
V2R32025-05-196 of 18 findings match
Cisco IOS Switch L2S Security Technical Implementation Guide
V3R12024-06-066 of 22 findings match
Cisco IOS XE Switch L2S Security Technical Implementation Guide
V3R22025-05-196 of 22 findings match
Cisco NX OS Switch L2S Security Technical Implementation Guide
V3R22024-08-226 of 22 findings match
Application Layer Gateway Security Requirements Guide
22024-12-045 of 155 findings match
Application Layer Gateway Security Requirements Guide
V2R32025-09-155 of 160 findings match
Cisco ASA Firewall Security Technical Implementation Guide
V2R12024-06-065 of 21 findings match
F5 BIG-IP TMOS Firewall Security Technical Implementation Guide
V1R12024-09-095 of 14 findings match
Fortinet FortiGate Firewall Security Technical Implementation Guide
12022-09-125 of 29 findings match
Fortinet FortiGate Firewall Security Technical Implementation Guide
V1R42025-11-195 of 29 findings match
Palo Alto Networks ALG Security Technical Implementation Guide
V3R42025-03-125 of 50 findings match
Cisco ACI Router Security Technical Implementation Guide
V1R22025-12-114 of 26 findings match
Symantec ProxySG ALG Security Technical Implementation Guide
V1R32020-03-274 of 66 findings match
HPE Aruba Networking AOS Wireless Security Technical Implementation Guide
12024-10-293 of 14 findings match
HPE Aruba Networking AOS Wireless Security Technical Implementation Guide
V1R22026-02-253 of 14 findings match
Juniper EX Series Switches Layer 2 Switch Security Technical Implementation Guide
22025-03-073 of 24 findings match
Juniper EX Series Switches Layer 2 Switch Security Technical Implementation Guide
V2R42025-12-103 of 24 findings match
Juniper SRX Services Gateway ALG Security Technical Implementation Guide
V3R32024-12-193 of 24 findings match
Layer 2 Switch Security Requirements Guide
V3R42026-02-123 of 36 findings match
Virtual Private Network (VPN) Security Requirements Guide
32024-12-193 of 82 findings match
Virtual Private Network (VPN) Security Requirements Guide
V3R42025-09-103 of 92 findings match
HP FlexFabric Switch RTR Security Technical Implementation Guide
V1R22020-06-032 of 21 findings match
HPE Aruba Networking AOS VPN Security Technical Implementation Guide
V1R12024-10-292 of 21 findings match
IBM DataPower ALG Security Technical Implementation Guide
V1R12016-01-212 of 65 findings match
Juniper SRX Services Gateway VPN Security Technical Implementation Guide
V3R22024-12-202 of 28 findings match
Layer 2 Switch Security Requirements Guide
32025-03-052 of 28 findings match
Network WLAN AP-IG Platform Security Technical Implementation Guide
V7R32023-02-132 of 9 findings match
Network WLAN Bridge Platform Security Technical Implementation Guide
V7R22023-02-132 of 6 findings match
Network WLAN Controller Platform Security Technical Implementation Guide
V7R32023-02-132 of 6 findings match
SDN Controller Security Requirements Guide
22024-05-282 of 34 findings match
Symantec Edge SWG ALG Security Technical Implementation Guide
V1R12025-12-162 of 15 findings match
Akamai KSD Service Impact Level 2 ALG Security Technical Implementation Guide
V1R12017-09-151 of 33 findings match
Cisco ACI Layer 2 Switch Security Technical Implementation Guide
12025-06-131 of 13 findings match
Cisco ASA VPN Security Technical Implementation Guide
V2R22024-08-221 of 41 findings match
Dell OS10 Switch Layer 2 Switch Security Technical Implementation Guide
V1R12024-12-111 of 20 findings match
Ivanti Connect Secure VPN Security Technical Implementation Guide
22024-06-101 of 15 findings match
Ivanti Connect Secure VPN Security Technical Implementation Guide
V2R22025-09-091 of 15 findings match
Network WLAN AP-NIPR Platform Security Technical Implementation Guide
V7R32023-02-131 of 11 findings match
RUCKUS ICX Layer 2 Switch Security Technical Implementation Guide
V1R12025-06-031 of 24 findings match

Web / Application Server

2 STIGs
Application Security and Development Security Technical Implementation Guide
62025-02-121 of 286 findings match
Application Security and Development Security Technical Implementation Guide
V6R42025-09-091 of 286 findings match

Virtualization / Container

9 STIGs
VMware NSX-T Tier 1 Gateway Firewall Security Technical Implementation Guide
V1R32023-06-222 of 9 findings match
VMware NSX-T Tier-0 Gateway Firewall Security Technical Implementation Guide
V1R32023-06-222 of 7 findings match
Kubernetes Security Technical Implementation Guide
22025-05-161 of 94 findings match
Kubernetes Security Technical Implementation Guide
V2R62026-02-121 of 92 findings match
VMware NSX 4.x Distributed Firewall Security Technical Implementation Guide
V1R22024-12-131 of 6 findings match
VMware NSX 4.x Tier-0 Gateway Firewall Security Technical Implementation Guide
V1R22024-12-131 of 4 findings match
VMware NSX 4.x Tier-1 Gateway Firewall Security Technical Implementation Guide
V1R22024-12-201 of 5 findings match
VMware NSX-T Distributed Firewall Security Technical Implementation Guide
V1R32023-06-231 of 7 findings match
Show 1 more STIG in this category →
VMware NSX-T Tier-0 Gateway RTR Security Technical Implementation Guide
V1R22022-09-011 of 16 findings match

Cloud / Identity Service

1 STIG
Cloud Computing Mission Owner Network Security Requirements Guide
V1R22024-12-204 of 9 findings match

Endpoint Security Management

3 STIGs
Intrusion Detection and Prevention Systems Security Requirements Guide
32025-05-191 of 58 findings match
Intrusion Detection and Prevention Systems Security Requirements Guide
V3R42025-09-221 of 60 findings match
Ivanti Sentry 9.x ALG Security Technical Implementation Guide
V3R12024-09-251 of 32 findings match