For Impact Level 6, the Mission Owner must process connection approval to the SIPRNet through the DISA classified connection approval process.

Severity
Group ID
Group Title
Version
Rule ID
Date
STIG Version
mediumV-259878SRG-OS-000368SRG-OS-000368-CLD-000041SV-259878r958804_rule2024-12-191
Description
The DOD Mission Owner systems/applications instantiated in these Impact Level 6 CSO enclaves will be assessed and authorized in the same way as any other DOD SIPRNet enclave connection in accordance with the DISA CPG. Approval for connection to the SIPRNet will be processed through the DISA classified connection approval process as with any other SIPRNet enclave.
ℹ️ Check
If this is not Impact Level 6, this is not applicable. Verify with the site personnel that the CSO is registered in SNAP. If the Mission Owner does not process connection approval to the SIPRNet through the DISA classified connection approval process. this is a finding.
✔️ Fix
This applies to Impact Level 6. FedRAMP High. Register the IaaS/PaaS CSP's cloud service offering in SNAP for the connection approval. Register the IP address that the cloud service offering uses for the cloud management portal.