From Microsoft Windows 10 Mobile Security Technical Implementation Guide
Part of PP-MDF-201029
Associated with: CCI-000366 CCI-002824
Spilt-tunneling allows multiple simultaneous remote connections to the mobile device. Without VPN split-tunneling disabled, malicious applications can covertly off-load device data to a third-party server or set up a trusted tunnel between a non-DoD third-party server and a DoD network, providing a vector to attack the network.
Review Windows 10 Mobile documentation and inspect the configuration on Windows 10 Mobile to disable VPN split-tunneling (if Windows 10 Mobile) provides a configurable control). This validation procedure is performed only on the MDM administration console. On the MDM administration console: Ask the MDM administrator to verify that the site-specific VPN policy on the MDM console has been configured to disable split-tunneling. If the site-specific VPN profile on the MDM is not configured to disable split-tunneling functionality, this is a finding.
Configure the site-specific VPN profile on the MDM to disable split-tunneling.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer