STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 3 hours ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Ivanti Policy Secure NAC Security Technical Implementation Guide

V-285223

CAT II (Medium)

The Ivanti Policy Secure NAC must be configured to notify the user before proceeding with remediation of the user's endpoint device when automated remediation is used.

Rule ID

SV-285223r1244921_rule

STIG

Ivanti Policy Secure NAC Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000213

Discussion

Connections that bypass established security controls should only be used in cases of administrative need. These procedures and use cases must be approved by the information system security manager (ISSM).

Check Content

In the Ivanti Policy Secure Web UI, navigate to Authentication >> Endpoint Security >> Host Checker.

If there are no Host Checker policies to notify the user before proceeding with remediation of the user's endpoint device when automated remediation is used, this is a finding.

Fix Text

1. In the Ivanti Policy Secure Web UI, navigate to Authentication >> Endpoint Security >>Host Checker.
2. Under "Policies", click "New".
3. Type a name. 
4. Click "Continue".
5. Under "Rule Settings", select "Rule type". 
6. Create Host Checker rules to notify the user before proceeding with remediating the user's endpoint device when automated remediation is used.
7. Click "Save Changes".