STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← IA-2 (11) — Remote Access — Separate Device

CCI-001951

Definition

The information system implements multifactor authentication for remote access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.

Parent Control

IA-2 (11)Remote Access — Separate DeviceIdentification and Authentication

Linked STIG Checks (11)

V-237393CAT IIThe CA API Gateway providing user authentication intermediary services must implement multifactor authentication for remote access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.CA API Gateway ALG Security Technical Implementation GuideV-215728CAT IIThe BIG-IP APM module must be configured to require multifactor authentication for remote access with non-privileged accounts to virtual servers in such a way that one of the factors is provided by a device separate from the system gaining access.F5 BIG-IP Access Policy Manager Security Technical Implementation GuideV-215780CAT IIA BIG-IP Core implementation providing user authentication intermediary services must be configured to require multifactor authentication for remote access to non-privileged accounts in such a way that one of the factors is provided by a device separate from the system gaining access.F5 BIG-IP Local Traffic Manager Security Technical Implementation GuideV-266152CAT IThe F5 BIG-IP appliance providing user authentication intermediary services must uniquely identify and authenticate users using redundant authentication servers and multifactor authentication (MFA).F5 BIG-IP TMOS ALG Security Technical Implementation GuideV-237581CAT IICounterACT, when providing user authentication intermediary services, must implement multifactor authentication for remote access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.ForeScout CounterACT ALG Security Technical Implementation GuideV-252558CAT IIIBM Aspera Console must implement multifactor authentication for remote access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.IBM Aspera Platform 4.2 Security Technical Implementation GuideV-252580CAT IIIBM Aspera Faspex must implement multifactor authentication for remote access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.IBM Aspera Platform 4.2 Security Technical Implementation GuideV-252599CAT IIIBM Aspera Shares must implement multifactor authentication for remote access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.IBM Aspera Platform 4.2 Security Technical Implementation GuideV-251031CAT IIThe Sentry providing mobile device authentication intermediary services must implement multifactor authentication for remote access to non-privileged accounts such that one of the factors is provided by a device separate from the system gaining access.Ivanti MobileIron Sentry 9.x ALG Security Technical Implementation GuideV-251031CAT IIThe Sentry providing mobile device authentication intermediary services must implement multifactor authentication for remote access to nonprivileged accounts such that one of the factors is provided by a device separate from the system gaining access.Ivanti Sentry 9.x ALG Security Technical Implementation GuideV-94285CAT IISymantec ProxySG providing user authentication intermediary services must implement multifactor authentication for remote access to nonprivileged accounts such that one of the factors is provided by a device separate from the system gaining access.Symantec ProxySG ALG Security Technical Implementation Guide