{"description": "The Strongswan package provides an implementation of IPsec\nand IKE, which permits the creation of secure tunnels over\nuntrusted networks. The <code>strongswan</code> package can be installed with the following command:\n<pre>\n$ apt-get install strongswan</pre>", "rationale": "Providing the ability for remote users or systems\nto initiate a secure VPN connection protects information when it is\ntransmitted over a wide area network.", "severity": "medium", "references": {"cis-csc": ["12", "15", "3", "5", "8"], "cobit5": ["APO13.01", "DSS01.04", "DSS05.02", "DSS05.03", "DSS05.04"], "isa-62443-2009": ["4.3.3.6.5", "4.3.3.6.6", "4.3.3.6.7", "4.3.3.6.8"], "isa-62443-2013": ["SR 1.13", "SR 2.6", "SR 3.1", "SR 3.5", "SR 3.8", "SR 4.1", "SR 4.3", "SR 5.1", "SR 5.2", "SR 5.3", "SR 7.1", "SR 7.6"], "iso27001-2013": ["A.11.2.4", "A.11.2.6", "A.13.1.1", "A.13.2.1", "A.14.1.3", "A.15.1.1", "A.15.2.1", "A.6.2.1", "A.6.2.2"], "nist": ["CM-6(a)"], "nist-csf": ["PR.AC-3", "PR.MA-2", "PR.PT-4"], "pcidss": ["Req-4.1"], "srg": ["SRG-OS-000480-GPOS-00227", "SRG-OS-000120-GPOS-00061"]}, "control_references": {}, "components": [], "identifiers": {}, "ocil_clause": "the package is not installed", "ocil": " Run the following command to determine if the <code>strongswan</code> package is installed: <pre>$ dpkg -l  strongswan</pre>", "oval_external_content": null, "fixtext": "", "checktext": "", "vuldiscussion": "", "srg_requirement": "", "warnings": [], "conflicts": [], "requires": [], "policy_specific_content": {}, "platform": null, "platforms": [], "sce_metadata": {}, "inherited_platforms": [], "cpe_platform_names": [], "inherited_cpe_platform_names": [], "bash_conditional": null, "fixes": {}, "title": "Install strongswan Package", "definition_location": "/aptdata/openscap/scap-security-guide/linux_os/guide/system/network/network-ipsec/package_strongswan_installed/rule.yml", "template": {"name": "package_installed", "vars": {"pkgname": "strongswan"}, "backends": {}}}