5.3.19 Ensure SSH Idle Timeout Interval is configured - ClientAliveInterval | CIS Red Hat Enterprise Linux 7 STIG v2.0.0 STIG | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
AIX7-00-002128 - If bash is used, AIX must display logout messages. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
AIX7-00-002129 - If Bourne / ksh shell is used, AIX must display logout messages. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
AIX7-00-002130 - If csh/tcsh shell is used, AIX must display logout messages. | DISA STIG AIX 7.x v3r1 | Unix | ACCESS CONTROL |
APPL-14-000130 - The macOS system must configure SSHD unused connection timeout to 900. | DISA Apple macOS 14 (Sonoma) STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
APPL-15-000120 - The macOS system must configure SSHD channel timeout to 900. | DISA Apple macOS 15 (Sequoia) STIG v1r1 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions - reqtimeout_module | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL |
AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions. | DISA STIG Apache Server 2.4 Unix Server v3r1 Middleware | Unix | ACCESS CONTROL |
AS24-U1-000650 - The Apache web server must set an inactive timeout for sessions. | DISA STIG Apache Server 2.4 Unix Server v3r1 | Unix | ACCESS CONTROL |
AS24-W1-000640 - The Apache web server must set an absolute timeout for sessions. | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
AS24-W1-000640 - The Apache web server must set an absolute timeout for sessions. | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | ACCESS CONTROL |
AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeout | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeout | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | ACCESS CONTROL |
AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - RequestReadTimeout | DISA STIG Apache Server 2.4 Windows Server v2r3 | Windows | ACCESS CONTROL |
AS24-W1-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - RequestReadTimeout | DISA STIG Apache Server 2.4 Windows Server v3r1 | Windows | ACCESS CONTROL |
AS24-W2-000640 - The Apache web server must set an absolute timeout for sessions. | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL |
AS24-W2-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - mod_reqtimeout | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL |
AS24-W2-000650 - The Apache web server must set an inactive timeout for completing the TLS handshake - RequestReadTimeout | DISA STIG Apache Server 2.4 Windows Site v2r1 | Windows | ACCESS CONTROL |
DB2X-00-006400 - DB2 must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA STIG IBM DB2 v10.5 LUW v2r1 Database | IBM_DB2DB | ACCESS CONTROL |
DKER-EE-002970 - The Docker Enterprise per user limit login session control must be set per the requirements in the System Security Plan (SSP). | DISA STIG Docker Enterprise 2.x Linux/Unix UCP v2r2 | Unix | ACCESS CONTROL |
EP11-00-006700 - The EDB Postgres Advanced Server must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | EDB PostgreSQL Advanced Server v11 DB Audit v2r4 | PostgreSQLDB | ACCESS CONTROL |
ESXI-67-000042 - The ESXi host must terminate shell services after 10 minutes. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
ESXI-67-000043 - The ESXi host must log out of the console UI after two minutes. | DISA STIG VMware vSphere 6.7 ESXi v1r3 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
ESXI-70-000041 - The ESXi host must set a timeout to automatically disable idle shell sessions after two minutes. | DISA STIG VMware vSphere 7.0 ESXi v1r2 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
ESXI-80-000068 The ESXi host must set a timeout to automatically end idle shell sessions after fifteen minutes. | DISA VMware vSphere 8.0 ESXi STIG v2r1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
EX13-MB-000275 - The Exchange Receive connector timeout must be limited. | DISA Microsoft Exchange 2013 Mailbox Server STIG v2r3 | Windows | ACCESS CONTROL |
EX16-MB-000550 - The Exchange Receive connector timeout must be limited. | DISA Microsoft Exchange 2016 Mailbox Server STIG v2r6 | Windows | ACCESS CONTROL |
F5BI-AP-000147 - The BIG-IP APM module access policy profile must be configured to automatically terminate user sessions for users connected to virtual servers when organization-defined conditions or trigger events occur that require a session disconnect. | DISA F5 BIG-IP Access Policy Manager STIG v2r3 | F5 | ACCESS CONTROL |
IIST-SI-000235 - The Idle Time-out monitor for each IIS 10.0 website must be enabled. | DISA IIS 10.0 Site v2r9 | Windows | ACCESS CONTROL |
IIST-SI-000236 - The IIS 10.0 websites connectionTimeout setting must be explicitly configured to disconnect an idle session. | DISA IIS 10.0 Site v2r9 | Windows | ACCESS CONTROL |
IISW-SI-000235 - The Idle Time-out monitor for each IIS 8.5 website must be enabled. | DISA IIS 8.5 Site v2r9 | Windows | ACCESS CONTROL |
IISW-SI-000236 - The IIS 8.5 websites connectionTimeout setting must be explicitly configured to disconnect an idle session. | DISA IIS 8.5 Site v2r9 | Windows | ACCESS CONTROL |
JUSX-VN-000002 - The Juniper SRX Services Gateway VPN must renegotiate the IPsec security association after 8 hours or less. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | ACCESS CONTROL |
JUSX-VN-000003 - The Juniper SRX Services Gateway VPN must renegotiate the IKE security association after 24 hours or less. | DISA Juniper SRX Services Gateway VPN v3r1 | Juniper | ACCESS CONTROL |
O112-C2-016500 - The DBMS must terminate the network connection associated with a communications session at the end of the session or after 15 minutes of inactivity. | DISA STIG Oracle 11.2g v2r5 Database | OracleDB | ACCESS CONTROL |
O121-C2-016500 - The DBMS must terminate the network connection associated with a communications session at the end of the session or 15 minutes of inactivity. | DISA STIG Oracle 12c v3r1 Database | OracleDB | ACCESS CONTROL |
OL08-00-010200 - OL 8 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
OL08-00-010201 - OL 8 must be configured so that all network connections associated with SSH traffic are terminated after 10 minutes of becoming unresponsive. | DISA Oracle Linux 8 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
PGS9-00-011600 - PostgreSQL must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA STIG PostgreSQL 9.x on RHEL DB v2r5 | PostgreSQLDB | ACCESS CONTROL |
PHTN-30-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less. | DISA STIG VMware vSphere 7.0 Photon OS v1r3 | Unix | ACCESS CONTROL, MAINTENANCE |
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - duration | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
PHTN-67-000005 - The Photon operating system must set a session inactivity timeout of 15 minutes or less - readonly | DISA STIG VMware vSphere 6.7 Photon OS v1r6 | Unix | ACCESS CONTROL, MAINTENANCE |
PPS9-00-006700 - The EDB Postgres Advanced Server must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | EDB PostgreSQL Advanced Server DB Audit v2r3 | PostgreSQLDB | ACCESS CONTROL |
RHEL-09-255095 - RHEL 9 must be configured so that all network connections associated with SSH traffic terminate after becoming unresponsive. | DISA Red Hat Enterprise Linux 9 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
SLES-15-010320 - The SUSE operating system for all network connections associated with SSH traffic must immediately terminate at the end of the session or after 10 minutes of inactivity. | DISA SLES 15 STIG v2r2 | Unix | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
SPLK-CL-000190 - Splunk Enterprise idle session timeout must be set to not exceed 15 minutes. | DISA STIG Splunk Enterprise 7.x for Windows v3r1 REST API | Splunk | ACCESS CONTROL |
SQL4-00-031700 - SQL Server must automatically terminate a user session after organization-defined conditions or trigger events requiring session disconnect. | DISA STIG SQL Server 2014 Instance DB Audit v2r4 | MS_SQLDB | ACCESS CONTROL |
TCAT-AS-000970 - Idle timeout for the management application must be set to 10 minutes. | DISA STIG Apache Tomcat Application Server 9 v3r1 Middleware | Unix | ACCESS CONTROL |
VCSA-80-000089 The vCenter Server must terminate vSphere Client sessions after 15 minutes of inactivity. | DISA VMware vSphere 8.0 vCenter STIG v2r1 | VMware | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |
WN22-DC-000160 - Windows Server 2022 directory service must be configured to terminate LDAP-based network connections to the directory server after five minutes of inactivity. | DISA Windows Server 2022 STIG v2r2 | Windows | ACCESS CONTROL, SYSTEM AND COMMUNICATIONS PROTECTION |