Connections between the DoD enclave and the Internet or other public or commercial wide area networks must require a DMZ.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-222671 | APSC-DV-003350 | SV-222671r961863_rule | CCI-001119 | medium |
| Description | ||||
| In order to protect DoD data and systems, all remote access to DoD information systems must be mediated through a managed access control point, such as a remote access server in a DMZ. | ||||
| STIG | Date | |||
| Application Security and Development Security Technical Implementation Guide | 2025-02-12 | |||
Details
Check Text (C-222671r961863_chk)
Interview the application representative and determine if the application is publicly accessible.
If the application is publicly accessible and traffic is not being routed through a DMZ, this is a finding.
Fix Text (F-24330r493922_fix)
Setup a DMZ between DoD and public networks.