Check for current-hop-limit set | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for IS-IS | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for no ntp source-address | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for no radius source-address | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for no snmp source-address | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for no syslog source-address | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for no tacacs+ source-address | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for OSPF | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for policy-options route-filters | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for syslog | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
Check for TACACS+ | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | |
DISA STIG SharePoint 2013 v1r5 | DISA STIG SharePoint 2013 v1r8 | Windows | |
NET-IPV6-025 - The network device must be configured to ensure IPv6 Site Local Unicast addresses are not defined in the enclave, (FEC0::/10) | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET-IPV6-059 - The administrator must ensure that the maximum hop limit is at least 32. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET-MCAST-002 - A PIM neighbor filter is bound to all interfaces that have PIM enabled - PIM Filter Accept | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET-TUNL-017 - ISATAP tunnels must terminate at an interior router. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET-VLAN-005 - VLAN 1 traffic traverses across unnecessary trunk | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0230 - Network devices must be password protected - ssh no-password | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET0400 - The network element must authenticate all IGP peers - IS-IS authentication-type | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0400 - The network element must authenticate all IGP peers - OSPF | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0408 - The network element must authenticate all BGP peers within the same or between autonomous systems (AS). | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET0460 - Group accounts must not be configured for use on the network device. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | ACCESS CONTROL |
NET0580 - The router administrator will ensure a password is required to gain access to the router's diagnostics port. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET0730 - The network element must have the Finger service disabled. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET0744 - The network element must have all BSDr commands disabled. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET0745 - The network element must have the Maintenance Operation Protocol (MOP) service disabled. | DISA STIG Cisco Perimeter L3 Switch v8r32 | Cisco | |
NET0770 - The router must have IP source routing disabled. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0813 - The network element must authenticate all NTP messages received from NTP servers and peers - NTP Server 1 key | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET0898 - The router must use its loopback or OOB management interface address as the source address when originating syslog traffic. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | AUDIT AND ACCOUNTABILITY |
NET0899 - The router must use its loopback or OOB management interface address as the source address when originating NTP traffic. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | AUDIT AND ACCOUNTABILITY |
NET0901 - The router must use its loopback or OOB management interface address as the source address when originating NetFlow traffic. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET0986 - The routes from the two IGP domains are redistributed to each other - protocols export | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0987 - Traffic from the managed network is able to access the OOBM gateway router - loopback filter | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET0993 - The network element's management interface is not configured as passive for the IGP instance deployed in the managed network. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1005 - An inbound ACL is not configured for the management network sub-interface of the trunk link to block non-management traffic. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1021 - The network element must log all messages except debugging and send all log data to a syslog server. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | AUDIT AND ACCOUNTABILITY |
NET1623 - The network device must require authentication for console access - Classes | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET1624 - The network element must time out access to the console port after 10 minutes or less of inactivity - Super-user-local Class | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | ACCESS CONTROL |
NET1629 - The network element's auxiliary port must be disabled unless it is connected to a secured modem. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET1636 - The network device must require authentication prior to establishing a management connection for administrative access - Classes | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET1638 - Management connections must be established using secure protocols with FIPS 140-2 modules - HTTP | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |
NET1638 - Management connections must be established using secure protocols with FIPS 140-2 modules - other services | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1645 - The network element must be configured to timeout after 60 seconds or less for incomplete or broken SSH sessions. | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | ACCESS CONTROL |
NET1660 - The network device must use SNMPv3 Security Model with FIPS 140-2 validated cryptography - authentication-none | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | SYSTEM AND COMMUNICATIONS PROTECTION |
NET1660 - The network device must use SNMPv3 Security Model with FIPS 140-2 validated cryptography - SNMP v1/2 | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET1665 - The network device must not use the default or well-known SNMP community strings public and private - SNMPv1/2 public | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET1665 - The network device must not use the default or well-known SNMP community strings public and private - SNMPv3 private | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET1665 - The network device must not use the default or well-known SNMP community strings public and private - SNMPv3 public | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET1675 - The network device must use different SNMP community names or groups for various levels of read and write access - SNMPv1/2 | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | IDENTIFICATION AND AUTHENTICATION |
NET1808 - Gateway configuration at the remote VPN end-point is a not a mirror of the local gateway | DISA STIG Juniper Infrastructure Router V8R29 | Juniper | CONFIGURATION MANAGEMENT |