STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← SC-7 (7) — Boundary Protection

CCI-002397

Definition

Prevent split tunneling for remote devices connecting to organizational systems unless the split tunnel is securely provisioned using organization-defined safeguards.

Parent Control

SC-7 (7)Boundary ProtectionSystem and Communications Protection

Linked STIG Checks (8)

V-239982CAT IIThe Cisco ASA VPN remote access server must be configured to disable split-tunneling for remote clients.Cisco ASA VPN Security Technical Implementation GuideV-266172CAT IIThe F5 BIG-IP appliance providing remote access intermediary services must disable split-tunneling for remote clients' VPNs.F5 BIG-IP TMOS ALG Security Technical Implementation GuideV-267000CAT IIAOS, when used as a VPN Gateway, must disable split-tunneling for remote client VPNs.HPE Aruba Networking AOS VPN Security Technical Implementation GuideV-266644CAT IIAOS, in conjunction with a remote device, must prevent the device from simultaneously establishing nonremote connections with the system and communicating via some other connection to resources in external networks.HPE Aruba Networking AOS Wireless Security Technical Implementation GuideV-258596CAT IIThe ICS must be configured to disable split-tunneling for remote client VPNs.Ivanti Connect Secure VPN Security Technical Implementation GuideV-66677CAT IIThe Juniper SRX Services Gateway VPN must disable split-tunneling for remote clients VPNs.Juniper SRX SG VPN Security Technical Implementation GuideV-214695CAT IIThe Juniper SRX Services Gateway VPN must disable split-tunneling for remote clients VPNs.Juniper SRX Services Gateway VPN Security Technical Implementation GuideV-207243CAT IIThe VPN Gateway must disable split-tunneling for remote clients VPNs.Virtual Private Network (VPN) Security Requirements Guide