| ESXI-67-000022 - The ESXi host SSH daemon must be configured to not allow gateway ports. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000026 - The ESXi host SSH daemon must set a timeout count on idle sessions. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-67-000054 - The ESXi host must enable bidirectional CHAP authentication for iSCSI traffic. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000068 - All ESXi host-connected virtual switch VLANs must be fully documented and have only the required VLANs. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-67-000076 - The ESXi host must enable Secure Boot. | DISA STIG VMware vSphere 6.7 ESXi OS v1r3 | Unix | CONFIGURATION MANAGEMENT |
| FNFG-FW-000145 - The FortiGate firewall must be configured to restrict it from accepting outbound packets that contain an illegitimate address in the source address field via an egress filter or by enabling Unicast Reverse Path Forwarding (uRPF). | DISA Fortigate Firewall STIG v1r3 | FortiGate | CONFIGURATION MANAGEMENT |
| KNOX-07-000200 - The Samsung must be configured to not allow passwords with more than two repeating or sequential characters - Numbers | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-012900 - The Samsung Android 7 with Knox must implement the management setting: Disable Admin Remove. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-013900 - The Samsung Android 7 with Knox must implement the management setting: Disable Move Files from Container to Personal. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018400 - The Samsung Android 7 with Knox must implement the management setting: Configure application disable list. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018800 - The Samsung Android 7 with Knox must implement the management setting: Enable Audit Log. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018900 - The Samsung Android 7 with Knox must use a NIAP certified container for work data and applications. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-019000 - Samsung Android 7 mobile device users must complete required training. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-900300 - The Samsung must be configured to not allow Container passwords with more than two repeating or sequential characters. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-913200 - The Samsung must implement the management setting: Configure to enforce a minimum Container password length of 4 characters | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-914400 - The Samsung Android 7 with Knox must implement the management setting: Container Account blacklist. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-914500 - The Samsung Android 7 with Knox must implement the management setting: Configure minimum Container password complexity. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| PHTN-40-000246 The Photon operating system must restrict core dumps. | DISA VMware vSphere 8.0 vCenter Appliance Photon OS 4.0 STIG v2r1 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000087 - The Photon operating system must configure sshd to disallow Kerberos authentication. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000088 - The Photon operating system must configure sshd to use privilege separation. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000103 - The Photon operating system must be configured so that all cron paths are protected from unauthorized modification - cron.monthly | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000104 - The Photon operating system must not forward IPv4 or IPv6 source-routed packets - net.ipv4.conf.eth0.accept_source_route | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000105 - The Photon operating system must not respond to IPv4 Internet Control Message Protocol (ICMP) echoes sent to a broadcast address. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000107 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted - net.ipv4.conf.all.secure_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000107 - The Photon operating system must prevent IPv4 Internet Control Message Protocol (ICMP) secure redirect messages from being accepted - net.ipv4.conf.default.secure_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000108 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - net.ipv4.conf.all.send_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000108 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - net.ipv4.conf.eth0.send_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000109 - The Photon operating system must log IPv4 packets with impossible addresses - net.ipv4.conf.eth0.log_martians | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000110 - The Photon operating system must use a reverse-path filter for IPv4 network traffic - net.ipv4.conf.all.rp_filter | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000110 - The Photon operating system must use a reverse-path filter for IPv4 network traffic - net.ipv4.conf.eth0.rp_filter | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000118 - The Photon operating system must protect all boot configuration files from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000119 - The Photon operating system must protect sshd configuration from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000999 - The version of the Photon OS running on the server must be a supported version. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010063 - The Red Hat Enterprise Linux operating system must disable the login screen user list for graphical user interfaces. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010291 - The Red Hat Enterprise Linux operating system must not have accounts configured with blank or null passwords. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| RHEL-07-010339 - The Red Hat Enterprise Linux operating system must specify the default 'include' directory for the /etc/sudoers file - include directory for the /etc/sudoers file. | DISA Red Hat Enterprise Linux 7 STIG v3r15 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000290 - Analysis, viewing, and indexing functions, services, and applications used as part of Splunk Enterprise must be configured to comply with DoD-trusted path and access requirements. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | CONFIGURATION MANAGEMENT |
| UBTU-16-030401 - The Ubuntu operating system SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| VCTR-67-000014 - The vCenter Server must set the distributed port group MAC Address Change policy to reject. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000019 - The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000020 - The vCenter Server must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000025 - The vCenter Server must disable the managed object browser (MOB) at all times when not required for troubleshooting or maintenance of managed objects. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000052 - The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000055 - The vCenter Server must configure the vSAN Datastore name to a unique name. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000059 - The vCenter Server must enable certificate based authentication. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000072 - The vCenter Server services must be ran using a service account instead of a built-in Windows account. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000075 - The vCenter Server must enable all tasks to be shown to Administrators in the Web Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000007 - HGFS file transfers must be disabled on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000012 - Unauthorized USB devices must be disconnected on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000999 - The version of VMM running on the server must be a supported version. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
