From Remote Access Server STIG
Part of SRC-NET-070 Use of group policy
Associated with IA controls: ECSC-1
The access control policy configuration is the key security control of the remote access solution. This policy should be centralized particulary when multiple remote access control gateways and communications devices are used. Use of a policy server that can service all types of is highly encouraged. This reduces policy complexity, facilitates management of remote access, and reduces the threat posed by inadvertent administration error with access restrictions. Access control should be managed using access groups and placing the users into these groups. RADIUS or Active Directory groups will facilitate single sign-on and make modification of users and resources across the network easier.
Review the remote access gateway (RAS or VPN) configuration. Verify that resources and priviledges are assigned to groups not individual users. Verify that the user groups are defined on the authentication server unless not technologically feasible.
Ensure the default network access control policy is modified to restrict remote access based on group policy rather than configured for each individual user.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer