Information
This recommendation pertains to establishing a virtual private network (VPN) connection as needed.
Rationale:
The network to which a device connects provides important services that may be exploited by a malicious actor. Establishing a VPN mitigates the associated risks by encrypting data in transit and using known good network services, such as DNS.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
This remediation procedure cannot be accomplished with a checkbox. As mentioned below, a per-application VPN configuration is the preferred solution, but a system-wide VPN is also acceptable. An appropriate solution will need to be determined and implemented.
From the Configuration Profile:
Open Apple Configurator.
Open the Configuration Profile.
In the left window pane, click on the VPN tab.
In the right window pane, enter an appropriate VPN configuration.
Deploy the Configuration Profile.
From the device,
Tap Settings.
Tap General.
Tap VPN.
Enter an appropriate VPN configuration.