Item Search

Name	Audit Name	Plugin	Category
1.2 Ensure End of Life JUNOS Devices are not used	CIS Juniper OS Benchmark v2.1.0 L1	Juniper	CONFIGURATION MANAGEMENT
4.2.2 Ensure IS-IS neighbor authentication is set to SHA1	CIS Juniper OS Benchmark v2.1.0 L2	Juniper	IDENTIFICATION AND AUTHENTICATION
6.3.2 Ensure Local Accounts can ONLY be used during loss of external AAA	CIS Juniper OS Benchmark v2.1.0 L1	Juniper	ACCESS CONTROL, IDENTIFICATION AND AUTHENTICATION
6.6.1.3 Ensure Minimum Backoff Factor of 5	CIS Juniper OS Benchmark v2.1.0 L1	Juniper	ACCESS CONTROL
AMLS-L3-000240 - The Arista Multilayer Switch must be configured to disable non-essential capabilities.	DISA STIG Arista MLS DCS-7000 Series RTR v1r4	Arista	CONFIGURATION MANAGEMENT
AOSX-15-000016 - The macOS system must be integrated into a directory services infrastructure.	DISA STIG Apple Mac OSX 10.15 v1r10	Unix	CONFIGURATION MANAGEMENT
ARST-RT-000260 - The Arista router must be configured to have all non-essential capabilities disabled.	DISA STIG Arista MLS EOS 4.2x Router v2r1	Arista	CONFIGURATION MANAGEMENT
Big Sur - Integrate System into a Directory Services Infrastructure	NIST macOS Big Sur v1.4.0 - All Profiles	Unix	CONFIGURATION MANAGEMENT
DISA_F5_BIG-IP_APM_v2r3.audit from DISA F5 BIG-IP Access Policy Manager v2r3 STIG	DISA F5 BIG-IP Access Policy Manager STIG v2r3	F5
DISA_F5_BIG-IP_ASM_v2r1.audit from DISA F5 BIG-IP Application Security Manager v2r1 STIG	DISA F5 BIG-IP Application Security Manager STIG v2r1	F5
DISA_STIG_Docker_Enterprise_2.x_Linux_Unix_UCP_v2r2.audit from DISA Docker Enterprise 2.x Linux/UNIX v2r2 STIG	DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2	Unix
DISA_STIG_McAfee_VSEL_1.9.x_2.0.x_Local_Client_v1r6.audit from DISA McAfee VSEL 1.9/2.0 Local Client v1r6 STIG	McAfee Virus Scan Enterprise for Linux 1.9x/2.0x Local Client v1r6	Unix
DISA_STIG_Microsoft_Excel_2010_v1r11.audit for Microsoft Excel 2010, from DISA STIG Microsoft Excel 2010 v1r11	DISA STIG Office 2010 Excel v1r11	Windows
DISA_STIG_Microsoft_OneNote_2013_v1r2.audit for Microsoft OneNote 2013, from DISA STIG Microsoft OneNote 2013 v1r3	DISA STIG Microsoft OneNote 2013 v1r3	Windows
DISA_STIG_Microsoft_OneNote_2016_v1r2.audit for Microsoft OneNote 2016, from DISA STIG Microsoft OneNote 2016 v1r2	DISA STIG Microsoft OneNote 2016 v1r2	Windows
DISA_STIG_Microsoft_Outlook_2013_v1r12.audit for Microsoft Outlook 2013, from DISA STIG Microsoft Outlook 2013 v1r12	DISA STIG Microsoft Outlook 2013 v1r13	Windows
DISA_STIG_Microsoft_PowerPoint_2016_v1r1.audit for Microsoft PowerPoint 2016, from DISA STIG Microsoft PowerPoint 2016 v1r1	DISA STIG Microsoft PowerPoint 2016 v1r1	Windows
DISA_STIG_Microsoft_Publisher_2016_v1r3.audit for Microsoft Publisher 2016, from DISA STIG Microsoft Publisher 2016 v1r3	DISA STIG Microsoft Publisher 2016 v1r3	Windows
DISA_STIG_Microsoft_Visio_2016_v1r1.audit for Microsoft Visio 2016, from DISA STIG Microsoft Visio 2016 v1r1	DISA STIG Microsoft Visio 2016 v1r1	Windows
DISA_STIG_Microsoft_Word_2016_v1r1.audit for Microsoft Word 2016, from DISA STIG Microsoft Word 2016 v1r1	DISA STIG Microsoft Word 2016 v1r1	Windows
DISA_STIG_Splunk_Enterprise_7.x_for_Windows_OS_v3r1.audit from DISA Splunk Enterprise 7.x for Windows v3r1 STIG	DISA STIG Splunk Enterprise 7.x for Windows v3r1 OS	Windows
DISA_STIG_Splunk_Enterprise_7.x_for_Windows_REST_API_v3r1.audit from DISA Splunk Enterprise 7.x for Windows v3r1 STIG	DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API	Splunk
DISA_STIG_Splunk_Enterprise_8.x_for_Linux_OS_v2r1.audit from DISA Splunk Enterprise 8.x for Linux v2r1 STIG	DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG OS	Unix
DISA_STIG_Splunk_Enterprise_8.x_for_Linux_REST_API_v2r1.audit from DISA Splunk Enterprise 8.x for Linux v2r1 STIG	DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API	Splunk
DISA_STIG_VMware_vSphere_7.0_Photon_OS_v1r4.audit from DISA VMware vSphere 7.0 vCenter Appliance Photon OS v1r4 STIG	DISA STIG VMware vSphere 7.0 Photon OS v1r4	Unix
DISA_STIG_Windows_Firewall_v2r2.audit from DISA Microsoft Windows Defender Firewall with Advanced Security v2r2 STIG	DISA Microsoft Windows Firewall v2r2	Windows
DISA_VMware_vSphere_8.0_vCenter_Appliance_Lookup_Service_STIG_v2r1.audit from DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1	DISA VMware vSphere 8.0 vCenter Appliance Lookup Service STIG v2r1	Unix
JUEX-RT-000010 - The Juniper router must be configured to enforce approved authorizations for controlling the flow of information within the network based on organization-defined information flow control policies.	DISA Juniper EX Series Router v2r1	Juniper	ACCESS CONTROL
JUEX-RT-000080 - The Juniper router configured for Multicast Source Discovery Protocol (MSDP) must filter source-active multicast advertisements to external MSDP peers to avoid global visibility of local-only multicast sources and groups.	DISA Juniper EX Series Router v2r1	Juniper	ACCESS CONTROL
JUEX-RT-000100 - The Juniper router configured for BGP must reject route advertisements from CE routers with an originating AS in the AS_PATH attribute that does not belong to that customer.	DISA Juniper EX Series Router v2r1	Juniper	ACCESS CONTROL
JUEX-RT-000120 - The Juniper router must be configured to enforce approved authorizations for controlling the flow of information between interconnected networks in accordance with applicable policy.	DISA Juniper EX Series Router v2r1	Juniper	ACCESS CONTROL
JUEX-RT-000150 - The Juniper multicast edge router must be configured to establish boundaries for administratively scoped multicast traffic.	DISA Juniper EX Series Router v2r1	Juniper	ACCESS CONTROL
JUEX-RT-000180 - The Juniper perimeter router must not be configured to be a Border Gateway Protocol (BGP) peer to an alternate gateway service provider.	DISA Juniper EX Series Router v2r1	Juniper	ACCESS CONTROL
JUEX-RT-000210 - The Juniper out-of-band management (OOBM) gateway router must not be configured to redistribute routes between the management network routing domain and the managed network routing domain.	DISA Juniper EX Series Router v2r1	Juniper	ACCESS CONTROL
JUEX-RT-000300 - The Juniper router must be configured to authenticate all routing protocol messages using NIST-validated FIPS 198-1 message authentication code algorithm.	DISA Juniper EX Series Router v2r1	Juniper	IDENTIFICATION AND AUTHENTICATION
JUEX-RT-000430 - The Juniper BGP router must be configured to reject outbound route advertisements for any prefixes belonging to the IP core.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000580 - The Juniper router must not be configured to have any zero-touch deployment feature enabled when connected to an operational network.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000610 - The Juniper router must be configured to have IP directed broadcast disabled on all interfaces.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000650 - The Juniper BGP router must be configured to use the prefix limit feature to protect against route table flooding and prefix deaggregation attacks.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000700 - The Juniper multicast Designated Router (DR) must be configured to limit the number of mroute states resulting from Internet Group Management Protocol (IGMP) and Multicast Listener Discovery (MLD) Host Membership Reports.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000740 - The Juniper perimeter router must be configured to block inbound packets with source Bogon IP address prefixes.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000770 - The Juniper perimeter router must be configured to block all outbound management traffic.	DISA Juniper EX Series Router v2r1	Juniper	SYSTEM AND COMMUNICATIONS PROTECTION
JUEX-RT-000880 - The Juniper BGP router must be configured to use its loopback address as the source address for iBGP peering sessions.	DISA Juniper EX Series Router v2r1	Juniper	CONFIGURATION MANAGEMENT
JUEX-RT-000900 - The Juniper MPLS router must be configured to synchronize IGP and LDP to minimize packet loss when an IGP adjacency is established prior to LDP peers completing label exchange.	DISA Juniper EX Series Router v2r1	Juniper	CONFIGURATION MANAGEMENT
JUEX-RT-000910 - The Juniper MPLS router must be configured to have TTL Propagation disabled.	DISA Juniper EX Series Router v2r1	Juniper	CONFIGURATION MANAGEMENT
JUEX-RT-000940 - The Juniper PE router must be configured to have each VRF with the appropriate Route Distinguisher (RD).	DISA Juniper EX Series Router v2r1	Juniper	CONFIGURATION MANAGEMENT
JUEX-RT-000990 - The Juniper router must be configured to advertise a hop limit of at least 32 in Router Advertisement messages for IPv6 stateless auto-configuration deployments.	DISA Juniper EX Series Router v2r1	Juniper	CONFIGURATION MANAGEMENT
JUSX-DM-000039 - The Juniper SRX Services Gateway must allow only the information system security manager (ISSM) (or administrators/roles appointed by the ISSM) to select which auditable events are to be generated and forwarded to the syslog and/or local logs - or administrators/roles appointed by the ISSM to select which auditable events are to be generated and forwarded to the syslog and/or local logs.	DISA Juniper SRX Services Gateway NDM v3r2	Juniper	ACCESS CONTROL, CONFIGURATION MANAGEMENT
JUSX-VN-000011 - If IDPS inspection is performed separately from the Juniper SRX Services Gateway VPN device, the VPN must route sessions to an IDPS for inspection.	DISA Juniper SRX Services Gateway VPN v3r1	Juniper	CONFIGURATION MANAGEMENT
Monterey - Integrate System into a Directory Services Infrastructure	NIST macOS Monterey v1.0.0 - All Profiles	Unix	CONFIGURATION MANAGEMENT

Detections

Analytics

Item Search