STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 1 hour ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Virtual Private Network (VPN) Security Requirements Guide

V-207227

CAT II (Medium)

The VPN Gateway must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

Rule ID

SV-207227r608988_rule

STIG

Virtual Private Network (VPN) Security Requirements Guide

Version

V3R4

CCIs

CCI-001190

Discussion

Failure to a known safe state helps prevent systems from failing to a state that may cause loss of data or unauthorized access to system resources. VPN gateways that fail suddenly and with no incorporated failure state planning may leave the hosting system available but with a reduced security protection capability. Preserving information system state information also facilitates system restart and return to the operational mode of the organization with less disruption to mission-essential processes. Abort refers to stopping a program or function before it has finished naturally. The term abort refers to both requested and unexpected terminations.

Check Content

Verify the VPN Gateway is configured to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

If the VPN Gateway does not fail to a secure state if system initialization fails, shutdown fails, or aborts fail, this is a finding.

Fix Text

Configure the VPN Gateway to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.