Detections
Analytics

Revision 1.9

Jun 2, 2021
Miscellaneous
  • Metadata updated.
  • Platform check updated.
Added
  • DISA_F5_BIG-IP_AFM_11_v1r1.audit from DISA F5 BIG-IP Advanced Firewall Manager 11.x v1r1 STIG
  • F5BI-AF-000005 - The BIG-IP AFM module must be configured to enforce approved authorizations for controlling the flow of information within the network based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.
  • F5BI-AF-000007 - The BIG-IP AFM module must be configured to restrict or block harmful or suspicious communications traffic by controlling the flow of information between interconnected networks based on attribute- and content-based inspection of the source, destination, headers, and/or content of the communications traffic.
  • F5BI-AF-000039 - The BIG-IP AFM module must be configured to produce audit records containing information to establish what type of events occurred.
  • F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Active FW Rules
  • F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Security Policies
  • F5BI-AF-000223 - The BIG-IP AFM module must be configured to only allow incoming communications from authorized sources routed to authorized destinations - Virtual Servers
  • F5BI-AF-000229 - The BIG-IP AFM module must be configured to handle invalid inputs in a predictable and documented manner that reflects organizational and system objectives.
Removed
  • DISA_F5_BIG-IP_AFM_11_V1R1.audit from DISA F5 BIG-IP Advanced Firewall Manager 11.x STIG
  • F5BI-AF-000005 - The BIG-IP AFM must enforce approved authorizations for controlling the flow of info within the network traffic.
  • F5BI-AF-000007 - The BIG-IP AFM must restrict or block harmful or suspicious communications traffic.
  • F5BI-AF-000039 - The BIG-IP AFM must produce audit records containing information to establish what type of events occurred.
  • F5BI-AF-000223 - The BIG-IP AFM must only allow incoming communications from auth. sources routed to auth. destinations - Active FW Rules
  • F5BI-AF-000223 - The BIG-IP AFM must only allow incoming communications from auth. sources routed to auth. destinations - Security Policies
  • F5BI-AF-000223 - The BIG-IP AFM must only allow incoming communications from auth. sources routed to auth. destinations - Virtual Servers
  • F5BI-AF-000229 - The BIG-IP AFM must handle invalid inputs in a predictable and documented manner.