STIGhubSTIGhub
STIGhub— A free STIG search and compliance tool·STIGs updated 3 hours ago
Powered by Pylon·Privacy·Terms·Feedback·© 2026 Beacon Cloud Solutions, Inc.
← Back to Ivanti Policy Secure NAC Security Technical Implementation Guide

V-284588

CAT II (Medium)

The Ivanti Policy Secure NAC must configure maximum number of sessions per user for all user realms.

Rule ID

SV-284588r1244875_rule

STIG

Ivanti Policy Secure NAC Security Technical Implementation Guide

Version

V1R1

CCIs

CCI-004866

Discussion

Denial-of-service (DoS) events may occur due to a variety of internal and external causes, such as an adversarial attack or a lack of planning to support organizational needs with respect to capacity and bandwidth. Such attacks can occur across a wide range of network protocols (e.g., IPv4, IPv6). A variety of technologies are available to limit or eliminate the origination and effects of DoS events. For example, boundary protection devices can filter certain types of packets to protect system components on internal networks from being directly affected by or the source of DoS attacks. Employing increased network capacity and bandwidth combined with service redundancy also reduces the susceptibility to DoS events.

Check Content

1. In the Ivanti Policy Secure Web UI, navigate to Users >> User Realms >> User Realms.
2. Click the configured admin realm being used for CAC/PKI token user logins.
3. Click the "Authentication Policy" tab, then click "Limits".

If the "Maximum number of sessions per user" is any number other than "1", this is a finding.

Fix Text

1. In the Ivanti Policy Secure Web UI, navigate to Users >> User Realms >> User Realms.
2. Click the configured user realm being used for CAC/PKI token user logins.
3. Click the "Authentication Policy" tab, then click "Limits".
4. In "Maximum number of sessions per user," type "1".
5. Click "Save Changes".