DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1

Updated: 6/17/2024

Authority: DISA STIG

Plugin: F5

Revision: 1.15

Estimated Item Count: 8

File Details

Filename: DISA_F5_BIG-IP_AFM_11_V1R1.audit

Size: 19.9 kB

MD5: 72b8859d1d9d926fd10926295231cd72
SHA256: 37491bc51d85cba5daa24dd1eaaf225e43527cbe4b1a5977fca99be1c8e27f3c

Audit Items

DescriptionCategories
DISA_F5_BIG-IP_AFM_11_v1r1.audit from DISA F5 BIG-IP Advanced Firewall Manager 11.x v1r1 STIG
F5BI-AF-000005 - The BIG-IP AFM module must be configured to enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.

ACCESS CONTROL

F5BI-AF-000007 - The BIG-IP AFM module must be configured to restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.

ACCESS CONTROL

F5BI-AF-000039 - The BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred.

AUDIT AND ACCOUNTABILITY

F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Active FW Rules

ACCESS CONTROL

F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Security Policies

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Virtual Servers

SYSTEM AND COMMUNICATIONS PROTECTION

F5BI-AF-000229 - The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.