Enabling a connection that extends DISN IP network connectivity (e.g., NIPRNet and SIPRNet) to any DoD Vendor, Foreign, or Federal Mission Partner enclave or network without a signed DoD CIO approved sponsorship memo is prohibited. For classified connectivity it must be to a DSS approved contractor facility or DoD Component approved foreign government facility.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
| V-251380 | NET1826 | SV-251380r806095_rule | CCI-000366 | high |
| Description | ||||
| Having a circuit provisioned that connects the SIPRNet enclave to a non-DoD, foreign, or contractor network puts the enclave and the entire SIPRNet at risk. If the termination point is not operated by the government, there is no control to ensure that the network element at the remote facility is not compromised or connected to another network. | ||||
| STIG | Date | |||
| Network Infrastructure Policy Security Technical Implementation Guide | 2024-08-02 | |||
Related Frameworks
4 paths across 3 frameworks
Related Frameworks
NIST 800-531 mapping
CM-6
1.00
- DISA · V10R7 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
NIST 800-1712 mappings
3.4.1
1.00
- DISA · V10R7 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
3.4.2
1.00
- DISA · V10R7 · disa_xccdf · related
- DISA · 2025-01-23 · disa_cci_list · equivalent
- NIST · Rev 2 (Feb 2020, errata Jan 2021) · nist_800_171_app_d · equivalent
CCI1 mapping
CCI-000366
1.00
- DISA · V10R7 · disa_xccdf · related
Details
Check Text (C-251380r806095_chk)
Review the topology diagram of the classified network.
If there are any leased circuits connecting to DoD Vendor, Foreign, or Federal Mission Partner enclave or network without a signed DoD CIO-approved sponsorship memo, this is a finding.
If classified connectivity is not to a DSS-approved contractor facility or DoD Component-approved foreign government facility, this is a finding.
Fix Text (F-54768r806094_fix)
Terminate all leased circuits connecting to DoD Vendor, Foreign, or Federal Mission Partner enclave or network without a signed DoD CIO-approved sponsorship memo.
Terminate all leased circuits for a classified network that is not connecting to a DSS-approved contractor facility or DoD Component-approved foreign government facility.