The VPN Gateway must electronically verify the Common Access Card (CAC) credential.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-207240 | SRG-NET-000342 | SRG-NET-000342-VPN-001360 | SV-207240r856714_rule | 2025-09-10 | 3 |
Description
DoD has mandated the use of the CAC as the Personal Identity Verification (PIV) credential to support identity management and personal authentication for systems covered under HSPD 12, as well as a primary component of layered protection for national security systems.
ℹ️ Check
Verify the VPN Gateway electronically verifies the CAC credential.
If the VPN Gateway does not electronically verify Personal Identity Verification (PIV) credentials, this is a finding.
✔️ Fix
Configure the VPN Gateway to electronically verify the CAC credential.