STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Application Security and Development Security Technical Implementation Guide

V-222671

CAT II (Medium)

Connections between the DoD enclave and the Internet or other public or commercial wide area networks must require a DMZ.

Rule ID

SV-222671r961863_rule

STIG

Application Security and Development Security Technical Implementation Guide

Version

V6R4

CCIs

CCI-001119

Discussion

In order to protect DoD data and systems, all remote access to DoD information systems must be mediated through a managed access control point, such as a remote access server in a DMZ.

Check Content

Interview the application representative and determine if the application is publicly accessible.

If the application is publicly accessible and traffic is not being routed through a DMZ, this is a finding.

Fix Text

Setup a DMZ between DoD and public networks.