STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 3 hours ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Ivanti Policy Secure NAC Security Technical Implementation Guide

V-285224

CAT II (Medium)

The Ivanti Policy Secure NAC must be configured to terminate the session or redirect the endpoint to the remediation VLAN when a device requesting access fails the Host Checker policy checks.

Rule ID

SV-285224r1244922_rule

STIG

Ivanti Policy Secure NAC Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-000213

Discussion

Automated and manual procedures for remediation for critical security updates will be managed differently. Continuing to assess and remediate endpoints with risks that could endanger the network could impact network usage for all users.

Check Content

In the Ivanti Policy Secure Web UI, navigate to Authentication >> Endpoint Security >>Host Checker.

If a Host Checker policy is not configured to terminate the session or redirect to a remediation VLAN based on the site's SSP, this is a finding.

Fix Text

1. In the Ivanti Policy Secure Web UI, navigate to Authentication >> Endpoint Security >>Host Checker.
2. Under "Policies", click "New".
3. Type a name. 
4. Click "Continue".
5. Under "Rule Settings", select "Rule type". 
6. Create Host Checker rules for failed policy assessment to either terminate the session or redirect the endpoint to the remediation VLAN.
7. Click "Save Changes".