| ESXI-70-000021 - The ESXi host Secure Shell (SSH) daemon must not allow compression or must only allow compression after successful authentication. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000022 - The ESXi host Secure Shell (SSH) daemon must be configured to not allow gateway ports. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000023 - The ESXi host Secure Shell (SSH) daemon must be configured to not allow X11 forwarding. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000027 - The ESXi host Secure Shell (SSH) daemon must set a timeout interval on idle sessions. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000054 - The ESXi host must enable bidirectional Challenge-Handshake Authentication Protocol (CHAP) authentication for Internet Small Computer Systems Interface (iSCSI) traffic. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000057 - The ESXi host must configure the firewall to block network traffic by default - incoming | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000065 - All port groups on standard switches must not be configured to virtual local area network (VLAN) values reserved by upstream physical switches. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | CONFIGURATION MANAGEMENT |
| ESXI-70-000076 - The ESXi host must enable Secure Boot. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | CONFIGURATION MANAGEMENT |
| ESXI-70-000078 - The ESXi host must use DOD-approved certificates. | DISA STIG VMware vSphere 7.0 ESXi OS v1r2 | Unix | CONFIGURATION MANAGEMENT |
| KNOX-07-000200 - The Samsung must be configured to not allow passwords with more than two repeating or sequential characters - Numbers | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-012900 - The Samsung Android 7 with Knox must implement the management setting: Disable Admin Remove. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-013100 - The Samsung Android 7 with Knox must implement the management setting: Disable Manual Date Time Changes. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-013900 - The Samsung Android 7 with Knox must implement the management setting: Disable Move Files from Container to Personal. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-017200 - The Samsung Android 7 with Knox must be configured to disable Phone Visibility. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018400 - The Samsung Android 7 with Knox must implement the management setting: Configure application disable list. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018600 - The Samsung Android 7 with Knox must implement the management setting: Configure minimum password complexity. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018800 - The Samsung Android 7 with Knox must implement the management setting: Enable Audit Log. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-018900 - The Samsung Android 7 with Knox must use a NIAP certified container for work data and applications. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-019000 - Samsung Android 7 mobile device users must complete required training. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-019100 - The Samsung Android 7 with Knox platform must implement the management setting Disable Nearby devices. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-900300 - The Samsung must be configured to not allow Container passwords with more than two repeating or sequential characters. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-913200 - The Samsung must implement the management setting: Configure to enforce a minimum Container password length of 4 characters | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-913400 - The Samsung must implement the setting: Configure to prohibit more than 10 failed Container authentication attempts. | MobileIron - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-914400 - The Samsung Android 7 with Knox must implement the management setting: Container Account blacklist. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| KNOX-07-914500 - The Samsung Android 7 with Knox must implement the management setting: Configure minimum Container password complexity. | AirWatch - DISA Samsung Android 7 with Knox 2.x v1r1 | MDM | CONFIGURATION MANAGEMENT |
| PHTN-67-000108 - The Photon operating system must not send IPv4 Internet Control Message Protocol (ICMP) redirects - net.ipv4.conf.eth0.send_redirects | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000109 - The Photon operating system must log IPv4 packets with impossible addresses - net.ipv4.conf.eth0.log_martians | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000110 - The Photon operating system must use a reverse-path filter for IPv4 network traffic - net.ipv4.conf.all.rp_filter | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000110 - The Photon operating system must use a reverse-path filter for IPv4 network traffic - net.ipv4.conf.eth0.rp_filter | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000118 - The Photon operating system must protect all boot configuration files from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000119 - The Photon operating system must protect sshd configuration from unauthorized access. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| PHTN-67-000999 - The version of the Photon OS running on the server must be a supported version. | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | CONFIGURATION MANAGEMENT |
| SOL-11.1-040331 - The sshd server must bind the X11 forwarding server to the loopback address. | DISA STIG Solaris 11 SPARC v3r1 | Unix | CONFIGURATION MANAGEMENT |
| SPLK-CL-000290 - Analysis, viewing, and indexing functions, services, and applications used as part of Splunk Enterprise must be configured to comply with DoD-trusted path and access requirements. | DISA STIG Splunk Enterprise 8.x for Linux v2r1 STIG REST API | Splunk | CONFIGURATION MANAGEMENT |
| UBTU-16-030401 - The Ubuntu operating system SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA STIG Ubuntu 16.04 LTS v2r3 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010419 - The Ubuntu operating system SSH daemon must prevent remote hosts from connecting to the proxy display. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-18-010522 - The Ubuntu operating system must not have accounts configured with blank or null passwords. | DISA STIG Ubuntu 18.04 LTS v2r15 | Unix | CONFIGURATION MANAGEMENT |
| UBTU-20-010460 - The Ubuntu operating system must disable the x86 Ctrl-Alt-Delete key sequence. | DISA STIG Ubuntu 20.04 LTS v2r1 | Unix | CONFIGURATION MANAGEMENT |
| VCTR-67-000014 - The vCenter Server must set the distributed port group MAC Address Change policy to reject. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000019 - The vCenter Server must not configure VLAN Trunking unless Virtual Guest Tagging (VGT) is required and authorized. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000020 - The vCenter Server must not configure all port groups to VLAN values reserved by upstream physical switches. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000025 - The vCenter Server must disable the managed object browser (MOB) at all times when not required for troubleshooting or maintenance of managed objects. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000052 - The vCenter Server must protect the confidentiality and integrity of transmitted information by isolating IP-based storage traffic. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000055 - The vCenter Server must configure the vSAN Datastore name to a unique name. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000059 - The vCenter Server must enable certificate based authentication. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000072 - The vCenter Server services must be ran using a service account instead of a built-in Windows account. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VCTR-67-000075 - The vCenter Server must enable all tasks to be shown to Administrators in the Web Client. | DISA STIG VMware vSphere 6.7 vCenter v1r4 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000007 - HGFS file transfers must be disabled on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000012 - Unauthorized USB devices must be disconnected on the virtual machine. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
| VMCH-67-000999 - The version of VMM running on the server must be a supported version. | DISA STIG VMware vSphere 6.7 Virtual Machine v1r3 | VMware | CONFIGURATION MANAGEMENT |
