Tunneling mechanisms must be used for data transmission between interconnected organizations.

From Test and Development Zone C Security Technical Implementation Guide

Part of ENTD0260 - Tunneling mechanism not used for transport.

Associated with IA controls: ECSC-1, ECIC-1

SV-51532r1_rule Tunneling mechanisms must be used for data transmission between interconnected organizations.

Vulnerability discussion

Using tunnels prevents data shared between interconnecting sites from leaking onto untrusted networks. These mechanisms are vital for transit over an untrusted network so that sensitive information is not accidentally leaked onto the DISN or a non-DoD network. Typical tunnel mechanisms in use today include, but are not limited to, IPsec, MPLS, GRE, and TACLANE.

Check content

Review the network diagrams to determine whether a tunnel is being used for transport across any untrusted network, such as the DISN or an ISP. If a tunnel mechanism is not being used to carry information to other organizations over an untrusted network, this is a finding.

Fix text

Engineer a solution that establishes tunnel mechanisms between interconnected organizations over untrusted networks.
