Detections
Analytics

DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

View Next Version

Audit Details

Name: DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG v1r1

Updated: 6/17/2024

Authority: DISA STIG

Plugin: F5

Revision: 1.15

Estimated Item Count: 8

File Details

Filename: DISA_F5_BIG-IP_AFM_11_V1R1.audit

Size: 19.9 kB

MD5: 72b8859d1d9d926fd10926295231cd72
SHA256: 37491bc51d85cba5daa24dd1eaaf225e43527cbe4b1a5977fca99be1c8e27f3c

Audit Changelog

 
Revision 1.15

Jun 17, 2024

Miscellaneous
  • Metadata updated.
Revision 1.14

Mar 19, 2024

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.13

Mar 7, 2023

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.12

Apr 25, 2022

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.11

Jul 30, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.10

Jun 17, 2021

Miscellaneous
  • Metadata updated.
Revision 1.9

Jun 2, 2021

Miscellaneous
  • Metadata updated.
  • Platform check updated.
Added
  • DISA_F5_BIG-IP_AFM_11_v1r1.audit from DISA F5 BIG-IP Advanced Firewall Manager 11.x v1r1 STIG
  • F5BI-AF-000005 - The BIG-IP AFM module must be configured to enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.
  • F5BI-AF-000007 - The BIG-IP AFM module must be configured to restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.
  • F5BI-AF-000039 - The BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred.
  • F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Active FW Rules
  • F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Security Policies
  • F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Virtual Servers
  • F5BI-AF-000229 - The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.
Removed
  • DISA_F5_BIG-IP_AFM_11_V1R1.audit from DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG
  • F5BI-AF-000005 - The BIG-IP AFM must enforce approved authorizations for controlling the flow of info within the network traffic.
  • F5BI-AF-000007 - The BIG-IP AFM must restrict or block harmful or suspicious communications traffic.
  • F5BI-AF-000039 - The BIG-IP AFM must produce audit records containing information to establish what type of events occurred.
  • F5BI-AF-000223 - The BIG-IP AFM must only allow incoming communications from auth. sources routed to auth. destinations - Active FW Rules
  • F5BI-AF-000223 - The BIG-IP AFM must only allow incoming communications from auth. sources routed to auth. destinations - Security Policies
  • F5BI-AF-000223 - The BIG-IP AFM must only allow incoming communications from auth. sources routed to auth. destinations - Virtual Servers
  • F5BI-AF-000229 - The BIG-IP AFM must handle invalid inputs in a predictable and documented manner.
Revision 1.8

Apr 28, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.7

Sep 29, 2020

Miscellaneous
  • References updated.
Revision 1.6

Apr 15, 2020

Miscellaneous
  • Metadata updated.
  • References updated.