| AMLS-L3-000210 - The Arista Multilayer Switch must enforce information flow control using explicit security attributes (for example, IP addresses, port numbers, protocol, Autonomous System, or interface) on information, source, and destination objects. | DISA STIG Arista MLS DCS-7000 Series RTR v1r4 | Arista | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| AMLS-L3-000220 - The Arista Multilayer Switch must enable neighbor router authentication for control plane protocols except RIP - IS-IS md5 key | DISA STIG Arista MLS DCS-7000 Series RTR v1r4 | Arista | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy | NIST macOS Catalina v1.5.0 - 800-53r5 Moderate | Unix | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy | NIST macOS Catalina v1.5.0 - 800-53r4 High | Unix | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy | NIST macOS Catalina v1.5.0 - 800-53r4 Moderate | Unix | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| Catalina - Control Connections to Other Systems via a Deny-All and Allow-by-Exception Firewall Policy | NIST macOS Catalina v1.5.0 - All Profiles | Unix | ACCESS CONTROL, SECURITY ASSESSMENT AND AUTHORIZATION, CONFIGURATION MANAGEMENT, SYSTEM AND COMMUNICATIONS PROTECTION |
| CISC-ND-000140 - The Cisco router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies. | DISA STIG Cisco IOS XE Router NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000140 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies. | DISA STIG Cisco NX-OS Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-ND-000140 - The Cisco switch must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies. | DISA STIG Cisco IOS XE Switch NDM v3r1 | Cisco | ACCESS CONTROL |
| CISC-RT-000030 - The Cisco switch must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages. | DISA STIG Cisco NX-OS Switch RTR v3r1 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| CISC-RT-000480 - The Cisco BGP switch must be configured to use a unique key for each autonomous system (AS) that it peers with. | DISA STIG Cisco NX-OS Switch RTR v3r1 | Cisco | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-AIX00020 - AIX Trusted Computing Base (TCB) software must be implemented. | DISA STIG AIX 6.1 v1r14 | Unix | ACCESS CONTROL, SYSTEM AND SERVICES ACQUISITION |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.high | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.high | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.low | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.low | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.med | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - tune.med | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - uid_aliases | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00120 - The ASET master files must be located in the /usr/aset/masters directory - uid_aliases | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL |
| GEN000000-SOL00160 - If the system is a firewall, ASET must be used on the system, and the firewall parameters must be set in /usr/aset/asetenv. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00160 - If the system is a firewall, ASET must be used on the system, and the firewall parameters must be set in /usr/aset/asetenv. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00180 - The Solaris system Automated Security Enhancement Tool (ASET) configurable parameters in the asetenv file must be correct - ASET configurable parameters in the asetenv file must be correct. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00180 - The Solaris system Automated Security Enhancement Tool (ASET) configurable parameters in the asetenv file must be correct - ASET configurable parameters in the asetenv file must be correct. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00200 - The asetenv file YPCHECK variable must be set to true when NIS+ is configured. | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00200 - The asetenv file YPCHECK variable must be set to true when NIS+ is configured. | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00220 - The /usr/aset/userlist file must exist - /usr/aset/userlist | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00220 - The /usr/aset/userlist file must exist - /usr/aset/userlist | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00220 - The /usr/aset/userlist file must exist - exec with userlist | DISA STIG Solaris 10 X86 v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN000000-SOL00220 - The /usr/aset/userlist file must exist - exec with userlist | DISA STIG Solaris 10 SPARC v2r4 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003608 - Proxy Address Resolution Protocol (Proxy ARP) must not be enabled on the system. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003609 - The system must ignore IPv4 ICMP redirect messages - 'net.ipv4.conf.all.accept_redirects' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003609 - The system must ignore IPv4 ICMP redirect messages - 'net.ipv4.conf.default.accept_redirects' | DISA STIG for Red Hat Enterprise Linux 5 v1r18 Audit | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003619 - The system must not be configured for network bridging. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN003860 - The system must not have the finger service active. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007660 - The Bluetooth protocol handler must be disabled or not installed - 'install bluetooth /bin/true' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007780 - The system must not have 6to4 enabled. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007800 - The system must not have Teredo enabled. | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007820 - The system must not have IP tunnels configured - '/sbin/ip -6 tun list' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GEN007820 - The system must not have IP tunnels configured - '/sbin/ip tun list' | DISA STIG for Oracle Linux 5 v2r1 | Unix | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GOOG-09-004500 - The Google Android Pie must be configured to disable exceptions to the access control policy that prevents application processes from accessing all data stored by other application processes - Copy/Paste | MobileIron - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GOOG-09-004500 - The Google Android Pie must be configured to disable exceptions to the access control policy that prevents application processes from accessing all data stored by other application processes - Sharing data into the profile | MobileIron - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GOOG-09-004500 - The Google Android Pie must be configured to disable exceptions to the access control policy that prevents application processes from accessing all data stored by other application processes. | AirWatch - DISA Google Android 9.x v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| GOOG-10-004500 - Google Android 10 must be configured to disable exceptions to the access control policy that prevents application processes from accessing all data stored by other application processes - Copy/Paste | MobileIron - DISA Google Android 10.x v2r1 | MDM | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-ND-000140 - The Juniper router must be configured to enforce approved authorizations for controlling the flow of management information within the device based on control policies. | DISA STIG Juniper Router NDM v3r1 | Juniper | ACCESS CONTROL |
| JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - BGP | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - IS-IS key | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - LDP | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000020 - The Juniper router must be configured to implement message authentication for all control plane protocols - RIP key | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
| JUNI-RT-000030 - The Juniper router must be configured to use keys with a duration not exceeding 180 days for authenticating routing protocol messages. | DISA STIG Juniper Router RTR v3r1 | Juniper | ACCESS CONTROL, CONFIGURATION MANAGEMENT |
