5.1 Ensure no Network ACLs allow ingress from 0.0.0.0/0 to remote server administration ports | CIS Amazon Web Services Foundations L1 1.3.0 | amazon_aws | SYSTEM AND COMMUNICATIONS PROTECTION |
F5BI-LT-000303 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound SMTP and Extended SMTP communications traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
F5BI-LT-000305 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound FTP and FTPS communications traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
F5BI-LT-000307 - The BIG-IP Core implementation must be configured to inspect for protocol compliance and protocol anomalies in inbound HTTP and HTTPS traffic to virtual servers. | DISA F5 BIG-IP Local Traffic Manager STIG v2r3 | F5 | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
PANW-AG-000015 - The Palo Alto Networks security platform, if used to provide intermediary services for remote access communications traffic (TLS or SSL decryption), must ensure inbound and outbound traffic is monitored for compliance with remote access security policies - TLS/SSL must monitor traffic. | DISA STIG Palo Alto ALG v2r1 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
PANW-AG-000078 - The Palo Alto Networks security platform, if used as a TLS gateway/decryption point or VPN concentrator, must control remote access methods (inspect and filter traffic). | DISA STIG Palo Alto ALG v2r1 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
PANW-AG-000147 - The Palo Alto Networks security platform must inspect inbound and outbound SMTP and Extended SMTP communications traffic (if authorized) for protocol compliance and protocol anomalies. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
PANW-AG-000148 - The Palo Alto Networks security platform must inspect inbound and outbound FTP and FTPS communications traffic (if authorized) for protocol compliance and protocol anomalies. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
PANW-AG-000148 - The Palo Alto Networks security platform must inspect inbound and outbound FTP and FTPS communications traffic (if authorized) for protocol compliance and protocol anomalies. | DISA STIG Palo Alto ALG v2r1 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
PANW-AG-000149 - The Palo Alto Networks security platform must inspect inbound and outbound HTTP traffic (if authorized) for protocol compliance and protocol anomalies. | DISA STIG Palo Alto ALG v3r1 | Palo_Alto | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Forwarding Host | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Policy Rules | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000240 - The reverse proxy Symantec ProxySG providing intermediary services for FTP must inspect inbound FTP communications traffic for protocol compliance and protocol anomalies - Review Proxies | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000250 - Symantec ProxySG providing intermediary services for FTP must inspect outbound FTP communications traffic for protocol compliance and protocol anomalies. | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - Explicit | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - External | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000260 - Symantec ProxySG providing intermediary services for HTTP must inspect inbound HTTP traffic for protocol compliance and protocol anomalies - Internal | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - Explicit | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - External | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
SYMP-AG-000270 - Symantec ProxySG providing intermediary services for HTTP must inspect outbound HTTP traffic for protocol compliance and protocol anomalies - Internal | DISA Symantec ProxySG Benchmark ALG v1r3 | BlueCoat | CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |